:

NAIC BREACH: SHINYUNTERS STEALS PUBLIC DATA VIA PEOPLESOFT ZERO-DAY

AI DESK1 MIN READ
MON, JUN 29, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

The National Association of Insurance Commissioners confirmed that the ShinyHunters extortion group breached its systems through a zero-day vulnerability in Oracle PeopleSoft. The attackers accessed only publicly available data, outdated logs, and configuration files.

NAIC disclosed the incident after ShinyHunters exploited an unpatched vulnerability in its PeopleSoft server. The group, known for extortion-based attacks, has claimed responsibility for the breach. According to NAIC's assessment, the stolen data consists primarily of information already in the public domain, historical system logs, and server configuration details. No current sensitive records or personal information appears to have been compromised. ShinyHunters has previously targeted major corporations and organizations, typically demanding ransom payments and threatening to publish stolen data. The group's breach of NAIC—a regulatory body representing state insurance commissioners—marks another high-profile target. Oracle has not yet released a patch for the exploited zero-day vulnerability. NAIC has notified relevant authorities and is implementing additional security measures to prevent further unauthorized access.

■ SOURCES

Bleeping Computer

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.

1H AGOSecurity Desk

Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.

1H AGOAI Desk

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

6H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

6H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.