The data of BMW or MINI drivers or those who have driven these cars whose accident and / or breakdown assistance is or was carried out by Allianz Global Assistance Netherlands has come into the hands of criminals. Today, the company informs its customers about this incident in an email, as a result of the new regulations regarding the storage of personal data.
To ensure that Allianz can guarantee the continuity of business operations in the event of a fire or other calamity, they have included a backup of all data stored in an external, secure location. The safe with backup data was stolen from that secure location.
Data breach Allianz much larger than expected.
On the one hand, this concerns policy details of approximately 260.000 people who had taken out travel insurance, bicycle insurance or car breakdown insurance with Allianz in the past five years. On the other hand, it concerns the data of customers of car dealers and leasing companies for which Allianz takes care of the breakdown assistance administration.
It concerns two million license plates and vehicle models.
The backup contains personal data such as contact details and vehicle data. Customers received this email because information about them and the vehicle in question was affected. According to Allianz Global Assistance Nederland, the stolen data is only accessible to persons with specific equipment and knowledge. A team of specialized IT professionals and external experts now checks daily whether the data is misused. There is as yet no indication that the perpetrators have done anything with the data.
What does this mean for customers?
“We deeply regret that your data entrusted to us has been stolen. We are working hard to limit the possible consequences for you. We advise you to be mindful of any Phishing emails. ”, says Willem Snijders -Chief Executive Officer.
Allianz Global Assistance Netherlands has reported theft to the police and the investigation is still ongoing. External experts immediately set to work and Allianz Partners has taken measures to prevent a recurrence. They also reported the incident to the Dutch Data Protection Authority.