Though the specifics of what data was stolen in the attack have not been revealed, these breaches often include things like names, contact information, financial data and social security numbers. (Credit: nevodka.com/Adobe Stock)
Most of Allianz Life Insurance Company of North America’s 1.4 million customers, some financial professionals and select Allianz Life employees had their personal data exposed in a breach earlier this month, the insurer announced.
Though the specifics of what data was stolen have not been revealed, the information stolen in these attacks often includes things like names, contact information, financial data and social security numbers.
According to a statement from an Allianz Life spokesperson, hackers managed to gain access to one of the company's cloud vendors on July 16 using social engineering tactics to steal customers’ personally identifiable information. The insurer discovered the breach the following day.
Social engineering attacks are a common way for hackers to gain access to sensitive information by exploiting human interactions rather than using advanced technology. These scammers use personal interactions to try to fool a person into helping them pull off their scheme.
There are four key stages to social engineering attacks, according to Fraud.com:
- Information gathering: Prior to attacks, bad actors meticulously study their targets to determine the best way to construct a believable story. For this, they often utilize information freely shared on social media, including a person’s habits, schedule, relationships and interests.
- Building trust or creating urgency: Strategies vary based on both the scammer and their target, but these fraudsters either spend time building rapport to gain a person’s trust or introduce a sense of urgency by creating a fake emergency to get the person to take action.
- Exploitation: After their targets have either begun to trust them or are in a state of panic from their cultivated “emergency,” scammers use this to exploit and trick people into turning over sensitive information.
- Covering their tracks: Once a scammer has achieved their goal, they often use advanced methods to erase any sign of their nefarious activities.
Allianz Life noted that the breach was limited to the third-party cloud platform, and the company’s internal systems were not affected. Following the discovery of the breach, Allianz Life says it took immediate action to contain it and contacted the FBI.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.