Tech is Not Enough: What the Allianz and Workday Breach Teaches Us About Vulnerability
- Coleman Balogh

- Aug 28
The insurance industry recently had a huge wake-up call, and it’s one that extends far beyond the companies in that sector.
Allianz Life, a prominent U.S. insurance provider, recently confirmed a large-scale data breach that has impacted the sensitive information of approximately 1.4 million users (including customers, financial professionals, and employees). The breach stemmed from a third-party cloud CRM platform that was exploited by cybercriminals, highlighting a growing vulnerability faced by organizations reliant on external vendors.
While Allianz Life's prompt response (coordinating with the FBI and offering robust identity monitoring services) has been praised, this incident serves as a stark reminder that even well-resourced organizations are not immune to cyber threats.
Every Company is a Potential Target
Just last week, both Workday and Salesforce, Fortune 500 companies, experienced serious data breaches that were part of a larger social engineering campaign targeting several organizations. If you’ve been thinking more advanced cyberattacks could only occur in the future, it’s time to reframe your thinking.
The future of cyberattacks is here, with more breaches happening every day to companies of all sizes spanning every sector.
Businesses that depend on a variety of tools and vendors are particularly at risk. As digital transformation accelerates, especially among businesses embracing cloud solutions and remote access tools, security must be recognized as a larger organizational concern rather than an isolated IT issue.
Breaches like the ones mentioned do not only affect larger organizations (though these instances are what you’re most likely to hear about). According to Netwrix Research Lab’s 2023 Hybrid Security Trends Report, over 65% of all organizations surveyed — large and small — had experienced a cyberattack in the past 12 months. The worst part? Attacks like these can paralyze a business and destroy customer trust, ensuring that some companies never recover.
Unfortunately, many small to mid-sized businesses remain oblivious to their exposure until it is too late.
Emerging Threats
Many professionals are already familiar with common threats like ransomware, malware, and supply chain attacks. Unpatched systems and edge device vulnerabilities are typical entry points for cyberattacks.
The Allianz breach is part of a broader trend in cybercrime, where attacks increasingly leverage social engineering tactics such as vishing (voice phishing) and spear phishing. What does that mean, though?
Essentially, cybercriminals are using unconventional methods to gain access to sensitive systems by targeting employees and executives through texts, emails, QR codes, and spoofing campaigns. These attacks often involve gathering personal information—such as names of family members, pets, and home addresses—to craft convincing profiles of their targets.

From there, criminals reach out to targets with highly personal messaging based on the data they’ve assembled. For example, I could get an email from one of my favorite employees saying something like, “John, I just had to change my checking account information. Can you update my direct deposit info before our next payroll cycle?”
In another example, an attacker might research members of a non-profit I’m involved with and claim to require urgent updates to financial information for organizational purposes. This level of personalization not only enhances the attack's credibility but also increases the likelihood of success. The victims are likely to act quickly on these requests, and cybercriminals know that.
A Multifaceted Approach to Cybersecurity
Is it even possible to combat these evolving threats? The answer is “yes”, but it requires a more comprehensive approach to cybersecurity than what we often see. A multi-channel approach that goes beyond merely deploying technology solutions is the way forward for cautious company leaders.
Various technology platforms have promised degrees of protection. While tools such as Multi-Factor Authentication (MFA) and anomaly detection (e.g., "impossible travel" alerts) are essential for preventing unauthorized access, they are not foolproof. According to HBR, human error remains the leading cause of breaches. That’s why employee awareness and training play a crucial role in strengthening an organization’s defenses.
One effective strategy is to implement training programs alongside technology. For example, we install a great program called KnowBe4 for many clients, which educates employees on recognizing and responding to potential threats. Regular testing of employees' awareness and readiness can help identify vulnerabilities within the human element of security. True protection requires training, testing, continuous improvement efforts, and creating a corporate culture of overall awareness. According to the HBR reporting, the safest companies are those that have a culture where cybersecurity is taken seriously by everyone.
Encouraging open communication about security concerns, regularly updating training materials, and fostering an environment where employees feel empowered to report suspicious activities can significantly enhance an organization’s security posture. The truth is that better security practices benefit not only the organization, but all of the employees as well. It’s in everyone’s best interest to become more aware.
Continuous Improvement Is Key
Cybersecurity is not a one-time initiative. To remain safe in a landscape that keeps changing, ongoing assessment and adjustment are crucial.
Organizations should conduct regular vulnerability assessments to identify and address potential weaknesses within their systems, processes, and vendor relationships. A proactive approach to cybersecurity (involving optimization and adaptation to new threats) will help businesses to stay one step ahead of cybercriminals.
As the Allianz Life breach illustrates, along with the Workday and Salesforce attacks, the stakes are high and getting higher (the global cost of cybercrime is expected to reach $10.5 trillion by the end of the year). Companies must recognize that their security is only as strong as their weakest link—which tends to be people (either within the organization or a vendor). By prioritizing vulnerability assessments, comprehensive training, and a culture of security awareness, businesses can better protect themselves against a new world of cyber threats. At SAGIN, we are committed to helping businesses fortify their defenses and adapt to this challenging environment.
Sagin is a professional services firm with deep experience in technology, advanced security and business operations. To learn more about protecting your operations from these threats or having Sagin perform your next vulnerability assessment, contact Coleman Balogh at Coleman@saginllc.com or +1.312.481.7968.
