On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life. The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life customers, financial professionals, and select Allianz Life employees, using a social engineering technique. The data may have included information such as name, address, date of birth and Social Security number. Based on our investigation to-date, there is no evidence the Allianz Life network or other company systems were accessed, including our policy administration system.
We took immediate action to contain and mitigate the issue and notified the FBI.
While our incident is contained, our investigation is ongoing. We continue to assess whether additional security enhancements are appropriate. In addition to leveraging in-house cybersecurity and forensics resources, we have engaged a leading cyber-forensic consultant to assist in the investigation of this incident. With these experts, we are working to confirm the full scope and nature of the incident, and accurately identify affected individuals whose personal information may have been subject to unauthorized access.
We began the process of reaching out to financial professionals and impacted individuals with dedicated resources to assist them.
Please call your Allianz Life representative, or our dedicated support team at 800-270-5801 with questions on this incident. For questions related to identity monitoring services, please call Kroll at 866-819-7180. More information from Kroll can be found at https://allianzlife.kroll.com/.
Q: What happened?
A: On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life. The threat actor was able to obtain personally identifiable data related to the majority of Allianz Life customers, financial professionals, and select Allianz Life employees, using a social engineering technique.
Q: What kind of information was exposed in this event? How many people were impacted?
A: This incident potentially may have compromised personally identifiable data related to the majority of its customers and financial professionals, and select Allianz Life employees including information such as name, address, date of birth and Social Security number. Based on our investigation to-date, there is no evidence the Allianz Life network or other company systems were accessed, including our policy administration system.
Q: What is Allianz Life doing in response to the event? What is Allianz doing to mitigate the impacts of this event?
A: We took immediate action to contain and mitigate the issue and notified the FBI. We secured the system quickly. We immediately took steps to communicate to frontline employees the potential threat for social engineering specific to our CRM, followed by communications to all employees to be at heightened alert for cyber security, social engineering and fraud risks.
To help protect customers, financial professionals and employees, we implemented immediate additional safeguards to our business processes and controls.
While our incident is contained, our investigation is ongoing. We continue to assess whether additional security enhancements are appropriate. In addition to leveraging in-house cybersecurity and forensics resources, we have engaged a leading cyber-forensic consultant to assist in the investigation of this incident. With these experts, we are working to confirm the full scope and nature of the incident, and accurately identify affected individuals whose personal information may have been subject to unauthorized access. We began the process of reaching out to individuals impacted with dedicated resources to assist them. Once impacted individuals are identified, we will promptly provide notice and offer free identity monitoring services.
Q: What is Allianz Life doing to prevent similar events from happening in the future?
A: Allianz Life continues to work diligently to secure your personal information by continually assessing and enhancing our data protection measures. We also work diligently with our 3rd party providers to help ensure they do the same. We provide rigorous training and have strong security processes in place. In response to the recent incident, we implemented additional safeguards, including increased monitoring of our secure websites and heightened scrutiny of transactions and account changes.
Q: What steps are being taken to protect those impacted (i.e.: identity monitoring services)?
A: All impacted individuals will receive information to register to receive two free years of identity monitoring services through Kroll. It is also important for individuals to pay close attention to all accounts with all institutions, watch for any discrepancies and report those to those companies immediately.
Q. My client is being told to contact Kroll? Who is Kroll?
A. Kroll is a leading business risk management company and has been hired by Allianz Life to provide services to help impacted individuals register for identity monitoring services following the incident. For questions on identity monitoring services, please call Kroll at 866-819-7180.
Q. Why do impacted individuals have to call Kroll instead of Allianz directly?
A. Kroll can provide fast and expert support in registering for identity monitoring services.
Q: My client received a letter in the mail. Is this fraudulent, a scam or a real incident?
A: Federal and state laws require that we notify impacted individuals by mail. We can assure you that this incident did occur and thus we are offering the support identified within the notification letter. We would encourage clients to take advantage of the identity monitoring services provided and call us at the number noted within the letter if you have further questions or concerns.
Q. What steps is Allianz taking to answer client/financial professional questions not answered by this information?
A. Our Allianz Life representatives and customer-facing employees have been trained to help answer questions on this incident. We also have a special dedicated team in place for calls at 800-270-5801. For questions related to identity monitoring services, please call Kroll at 866-819-7180.
Q: Which of my clients were impacted?
A: While we do know that the majority of client records were compromised, we do not know with certainty which specific clients were impacted. We are leveraging in-house cybersecurity and forensics resources and we have engaged a leading cyber-forensic consultant to assist in the investigation of this incident. With these experts, we are working quickly to confirm the full scope and nature of the incident, and accurately identify affected individuals whose personal information may have been subject to unauthorized access.
Q: Why are you just telling me now?
A: We took immediate action to contain and mitigate the issue and notified the FBI. We are leveraging in-house cybersecurity and forensics resources and we have engaged a leading cyber-forensic consultant to assist in the investigation of this incident. With these experts, we have been working quickly to confirm the full scope and nature of the incident, and accurately identify affected individuals whose personal information may have been subject to unauthorized access.
Q: Why does Allianz Life have my client’s data when they are no longer associated with Allianz Life?
A: We keep records containing personal information in accordance with applicable state and federal regulations or contractual obligations. We aim to retain personal information only for as long as necessary. We may need to keep some personal information for longer than other information to comply with applicable laws and regulations. For more information, please go to our privacy notice on allianzlife.com.
Q: Was any health information included as part of the life Insurance underwriting process?
A: No, health information was not included.
Q: If my information or the information of one of my clients was compromised, will I be notified? What if I am also a policyholder?
A: All impacted individuals will be notified, including financial professionals who are also policyholders of Allianz Life.
Q: Can I put an extra password on my records at Allianz?
A: Allianz Life currently has multifactor authentication in place, which is more secure than an additional password.
Q: Is this related to other data incidents that have been in the news lately?
A: Data incidents such as these are occurring with increasing frequency. We can’t say which ones are related or not. We are focused on supporting and helping mitigate risk to those who were impacted by the incident that happened at Allianz Life.
Q: What should I tell my clients?
A: Impacted clients will soon receive a letter from Allianz Life with information and next steps. Please refer to this Resource Center for additional information for your reference as well.
Q: Will my clients be notified and when?
A: Yes, impacted individuals will receive a letter in the mail in the coming days along with information on how to register for two years of identity monitoring at no cost.
Q: How do I reassure my clients that it’s safe to continue to do business with Allianz?
A: We took immediate action to contain and mitigate the issue and, based on our investigation to-date, there is no evidence the Allianz Life network or other company systems were accessed, including our policy administration system. Many companies, especially financial services companies, have been targeted with similar attacks in the past weeks and months. Allianz Life has rigorous and comprehensive data protection training, and strong security measures and processes in place. And we continue to increase and enhance measures and practices to safeguard our customer, financial professional and employee data. At the same time, malicious threat actors are getting more sophisticated in their approaches as evidenced by similar attacks at other companies. Allianz Life remains strong and stable and has the full backing and support of our parent company, Allianz SE, a leading global financial services company.
Q: Will Allianz make any changes to its process to help protect information going forward?
A: We have always and continue to make ongoing security updates to make sure we are creating the safest environment possible for our data. Any procedural changes would be communicated via our standard channels.
Products are issued by Allianz Life Insurance Company of North America and distributed by its affiliate, Allianz Life Financial Services, LLC, member FINRA, 5701 Golden Hills Drive, Minneapolis, MN 55416-1297. 800.542.5427 www.allianzlife.com
For financial professional use only – not for use with the public.
Product and feature availability may vary by state and broker/dealer.
