Allianz Life has completed the investigation into the cyberattack it suffered in July and determined that nearly 1.5 million individuals are impacted.

The American insurance giant is now notifying affected individuals that their names, addresses, dates of birth, and social security numbers (SSN) has been compromised.

Allianz Life is part of Allianz SE and provides annuities and life insurance for more than 1.4 million Americans. Allianz SE, which is a global giant with over 125 million customers, was not impacted.

In late July, the American insurance company informed the public that it had suffered a data breach impacting most of its customers, after a threat actor gained access to a third-party cloud-based CRM (Customer Relationship Management) system they used.

Although not officially confirmed, BleepingComputer has learned that the attack was likely part of the Salesforce attack wave conducted by the ShinyHunters extortion group.

In an update three weeks after disclosing the attack, Allianz Life noted that the number of impacted individuals was 1.1 million, based on the information the investigation revealed at that time.

The company is now informing affected customers and shared the data breach notification with U.S. authorities. The total number of persons impacted by the cyberattack is 1,497,036 and includes customers, financial professionals, and employees.

“On July 16, 2025, a malicious threat actor gained access to a cloud-based system used by Allianz Life,” reads the notice.

“The threat actor was able to obtain certain personal information related to Allianz Life customers, financial professionals, and select Allianz Life employees.”

Although HaveIBeenPwned previously reported that the incident resulted in the compromise of email addresses, names, genders, dates of birth, phone numbers, and physical addresses, the the insurance company only lists names, addresses, dates of birth, and Social Security numbers.

Allianz Life enclosed instructions on how to enroll in a two-year free-of-charge identity theft monitoring service by Kroll, to somewhat mitigate the risk for the letter recipients.

The company has also established a dedicated support team, reachable by phone, which is ready to answer any customer questions regarding the incident.

Potentially impacted individuals are advised to remain vigilant against unsolicited communications, enable credit monitoring, and consider placing a credit freeze.