On July 16, 2025, threat actors gained access to a third-party cloud CRM (Salesforce) used by Allianz Life Insurance of North America via social engineering/vishing. Attackers used Salesforce Data Loader to bulk-exfiltrate approximately 2.8 million records. Allianz Life has ~1.4 million customers; the breach is reported to have affected the majority of them. Have I Been Pwned listed 1.1 million affected accounts. Stolen data includes names, addresses, phone numbers, birth dates, Tax IDs, insurance licence details, and firm affiliations. Attack attributed to a ShinyHunters/ScatteredLapsuSp1d3rHunters Telegram channel (alliance of ShinyHunters, Scattered Spider, Lapsus$). Part of a broader insurance industry targeting campaign in 2025.