Encryption-In-Use Technology Would Have Neutralized the Allianz Life Insurance Breach

Paperclip Inc, a leader in advanced data security and content supply-chain solutions, confirmed that encryption-in-use technology could have prevented the exposure of sensitive customer data in the recent Allianz Life Insurance data breach, which impacted over 1.4 million U.S. customers.

Read More on IT Tech Pulse: Krutrim Partners with Cloudera to Power AI-Driven Innovation in India

Allianz Breach Context: What Happened

On July 16, 2025, Allianz Life Insurance reported a massive data compromise following a social engineering attack that targeted a third-party cloud-based customer relationship management (CRM) system. Attackers were able to extract personally identifiable information (PII), including names, addresses, dates of birth, Social Security numbers, and policy identifiers, putting millions at risk for identity theft and fraud.

Although Allianz Life Insurance has not publicly disclosed the specific name of the CRM platform affected, multiple sources including Google’s Threat Intelligence Group (GTIG), Mandiant, and BleepingComputer suggest that Salesforce was likely the targeted system. The breach involved:

Voice phishing (vishing) attacks manipulating employees into granting access to Salesforce Data Loader.
Threat actor UNC6040 (aka “The Com,” linked to Scattered Spider) targeting Salesforce customers.
ShinyHunters launching similar campaigns against Salesforce CRM users.
Court documents referencing attacks on “Accounts” and “Contacts” tables, common Salesforce objects.
While Allianz has not officially confirmed the affected CRM, the convergence of threat actor activity, techniques, and technical evidence strongly supports the Salesforce conclusion made by the sources named above.

How Paperclip SAFE Would Have Protected Allianz’s Data

Unlike traditional encryption that only secures data at rest and in transit, Paperclip SAFE® encryption-in-use technology keeps data always encrypted, even while being processed or searched. Its unique combination of shredded data, and strong encryption architecture ensures sensitive information remains unintelligible across every phase of its lifecycle.

Key protections SAFE would have provided:

Against Vendor Compromise: Attackers would have accessed only encrypted, shredded fragments rather than usable plaintext.
Against Social Engineering: Even with legitimate credentials, any data exports would have remained encrypted and useless.
Against Supply-Chain Risk: SAFE’s zero-trust design protects data across vendor ecosystems, ensuring third-party environments cannot expose sensitive information.

“The Allianz breach underscores a critical flaw in today’s data security stack—once attackers gain access, they often gain everything,” said Mike Bridges, President & COO of Paperclip Inc. “We can confidently state that Paperclip SAFE’s Machine Learning surveillance would have shut down the export after the first thousand records, preventing much of the damage done by this type of breach.”

Encryption-In-Use: A New Standard for Data Protection

Encryption-in-Use is the ability to perform calculations upon encrypted data while the data remains encrypted. Active, operational data-in-use is the most valuable data an organization relies upon. As demonstrated by the Allianz breach, in-use data remains the primary target for threat-actors globally.

Paperclip SAFE is designed to exceed compliance mandates and align with global regulatory frameworks, including GDPR, NYDFS 500, DORA, and the upcoming NIST post-quantum cryptography standards. Currently deployed by nine of the top ten U.S. life insurance providers, SAFE is rapidly becoming the industry standard for securing sensitive data across financial services, healthcare, and government sectors.

Key Benefits of Paperclip SAFE

• Against Vendor Compromise: Attackers would have accessed only encrypted, shredded fragments rather than usable plaintext.
• Against Social Engineering: Even with legitimate credentials, any data exports would have remained encrypted and useless.
• Against Supply-Chain Risk: SAFE’s zero-trust design protects data across vendor ecosystems, ensuring third-party environments cannot expose sensitive information.

Post-Quantum Resistant – Crypto-Agile-by-Design (CAbD) creating an environment meeting both today’s and tomorrow’s threat evolution.

Paperclip is a software technology partner that creates data security and operational efficiencies for some of the largest globally recognized brands worldwide.

Paperclip provides enterprises with the most efficient means of secure document capture, processing, and storage of millions of documents for rapidly growing firms and Fortune 1,000 companies worldwide. Paperclip offers an expansive range of cloud based B2B and B2C solutions that eliminate paper to deliver new possibilities in efficiency, communication, and ROI, each customized to specific industry and business goals.

Read More on IT Tech Pulse: Splinternet Rising: How the Global Internet Is Splintering into Digital Island

Write to us [⁠k.brian@demandmediabpm.com ] to learn more about our exclusive editorial packages and programmes.⁠