· News · 1 min read
1.4 Million Insurance Customers. One Social Engineering Call.
Allianz Life Insurance confirmed a breach affecting 1.4 million customers in North America. Policy numbers, emails, phone numbers, dates of birth, Social Security numbers — all compromised.
How did attackers get in? Social engineering. Someone got talked into giving access.
The breach hit a third-party cloud-based CRM system. Not Allianz’s core infrastructure. A vendor platform holding customer data.
This is the pattern now: attackers don’t need to break through firewalls. They just need one person to make one mistake. And if sensitive data is scattered across multiple systems and vendors, every one of them is a potential entry point.
You can train employees. You can vet vendors. But if you don’t know where your sensitive data actually lives, you’re flying blind.