Two companies disclosed new details about data breaches on Wednesday, confirming that millions of people had sensitive information exposed during security incidents this summer. 

Allianz Life Insurance Company updated regulatory filings to confirm that 1.49 million customers had information exposed on July 16 when hackers gained access to a cloud system. The cybercriminals stole personal information about Allianz Life customers, financial professionals and some Allianz Life employees. 

The information includes names, addresses, dates of birth and Social Security numbers. 

The company filed breach notices in July but did not say how many people were affected.

In a statement at the time, the company said “a malicious threat actor gained access to a third-party CRM system” but did not identify the third party. The FBI was notified of the incident in July.

The attack on Allianz Life took place amid a wider campaign of incidents this summer by the Scattered Spider cybercriminal group targeting the insurance industry, with large firms like Aflac, Erie Insurance and Philadelphia Insurance Companies all reporting cyberattacks. 

Motility attack

Software company Motility also warned customers Wednesday of a data security incident that was discovered on August 19. The company provides software to recreational vehicle dealers.

Motility said it suffered from a ransomware attack where the hackers encrypted servers that support the company’s business operations. 

An investigation revealed that the hackers stole personal information on 766,670 people before encrypting the company’s systems. The information stolen ranges from names and addresses to Social Security numbers and driver’s license numbers. 

The attack was claimed recently by the Pear ransomware gang, which posted Motility’s parent company Reynolds & Reynolds on its leak site several weeks ago, according to researchers. 

The group said it stole 4.3 TB from Reynolds & Reynolds. The Pear ransomware group emerged in August and has claimed attacks on dozens of companies and government entities. 

Neither company immediately responded to a request for comment about the disclosures.

Software providers for vehicle sellers have become ripe targets for ransomware gangs because of how consolidated the market is. A ransomware attack on software company CDK last year caused country-wide issues and made it almost impossible for thousands of car dealerships to conduct their work for weeks.