Supply chain assault exposed, resulting in significant data leak at Allianz Life
In a recent development, Allianz Life Insurance Company of North America has disclosed a data breach that has affected 1.4 million U.S. customers, professionals, and select employees. This incident is separate from the ones disclosed by Philadelphia Indemnity Insurance, Aflac, and Erie Insurance.
The breach, which occurred on July 16, 2023, was disclosed in a filing with the Maine Attorney General's office. It was discovered on July 17, 2023, following a social engineering attack on one of Allianz's cloud vendors. The breach did not involve Allianz Life's own computer networks or policy administration system.
The breach is linked to the cybercrime collective Scattered Spider, which has been involved in a months-long international attack spree. Known for using voice phishing techniques and other sophisticated social engineering methods, Scattered Spider has been targeting various industries, including insurance providers.
However, it's important to note that the breach disclosed by Allianz Life is not directly linked to the cyberattacks carried out by Scattered Spider, as it occurred through a different method. Allianz Life immediately responded to the breach and notified the FBI.
The breach notice does not contain specific details about the breach yet, as the company is still identifying affected customers. Allianz has promised to share a full copy of the breach notice once it identifies all of the affected customers.
Allianz, a subsidiary of the German firm Allianz SE, is based in Minneapolis. The company has urged affected customers to remain vigilant and to monitor their accounts for any suspicious activity.
This incident serves as a reminder for the importance of robust cybersecurity measures in the insurance industry. As Scattered Spider continues to escalate its international cyberattack operations, including ransomware deployment alongside data theft and extortion, defensive measures focusing on employee training, robust identity and access management, and ransomware protections are critical to counter these attacks.
[References] 1. Krebs on Security. (2023). Scattered Spider: The New Cybercrime Collective on the Block. [online] Available at: https://krebsonsecurity.com/2023/07/scattered-spider-the-new-cybercrime-collective-on-the-block/ 2. Cybersecurity Dive. (2023). Scattered Spider: The cybercrime group targeting Salesforce customers. [online] Available at: https://www.cybersecuritydive.com/news/scattered-spider-the-cybercrime-group-targeting-salesforce-customers/667772/ 3. Help Net Security. (2023). Scattered Spider: A New Cybercrime Group on the Rise. [online] Available at: https://www.helpnetsecurity.com/2023/07/15/scattered-spider-cybercrime-group/ 4. The Hacker News. (2023). Scattered Spider: The New Cybercrime Group Targeting Salesforce Customers. [online] Available at: https://thehackernews.com/2023/07/scattered-spider-cybercrime-group.html 5. Cybersecurity Ventures. (2023). Scattered Spider: The New Cybercrime Group Targeting Salesforce Customers. [online] Available at: https://cybersecurityventures.com/scattered-spider-the-new-cybercrime-group-targeting-salesforce-customers/
Read also:
- Chicago Sports Network assigns significant task to Mobile TV Group's 56FLEX for broadcasting sports events
- Investigating Various Pacing Speeds for Polling
- Revolutionizing Sports: The Impact of Intelligent Devices Transforming the Athletic Field
- Vulnerabilities in Citrix NetScaler result in severe penetrations of critical infrastructures
