NAIC Confirms Hackers Published Stolen Insurance Regulatory Data Online After PeopleSoft Breach
The National Association of Insurance Commissioners (NAIC) confirmed on June 25 that data taken from its IT systems has been published online by the ShinyHunters extortion group, which exploited a zero-day vulnerability in Oracle PeopleSoft. The NAIC says no personally identifiable information or payment data was accessed, while the group claims to have stolen 3.1 terabytes of regulatory filings and credit rating agency files.