US Federal Insurance Regulator Confirms Data Breach Via Oracle Flaw

THE US National Association of Insurance Commissioners (NAIC) has confirmed a data breach affecting US citizens' credit rating data, traced back to a zero-day vulnerability in Oracle PeopleSoft. Detected on June 11 and disclosed on June 17, unauthorized access allowed attackers to view a portion of the NAIC's environment, leading to potential exposure of certain data, including financial reporting information and credit rating data. However, critical personal and financial information was not compromised. Operations are mostly back to normal, with ongoing investigations and coordination with the FBI.