Kvs satish
US insurance firm Allianz Life has told the media that hackers stole personal info of the “majority” of its customers and staff earlier this month.
The company says that a hacker gained access to an unnamed third-party cloud-based CRM used by Allianz Life, using a social engineering attack.
The firm hasn’t said if it has received a ransom demand, and it hasn’t shared any details on who the hackers might have been.
However, we’ve seen other insurance firms targeted recently, including Aflac.
What’s the betting that this is hackers once again using the Scattered Spider playbook – calling up support teams posing as customers or employees, pretending to be locked out of their accounts, and tricking support staff into granting them access.
Maybe with a slice of phishing, SIM swapping, and multi-factor authentication (MFA) bombing too…
