The National Association of Insurance Commissioners (NAIC) confirmed that hackers exploited a zero-day vulnerability in Oracle PeopleSoft to steal and post online sensitive data, including credit rating agency information and statutory financial reports, affecting rating agencies and insurers across the US. The breach, discovered on June 11 and attributed to the ShinyHunters group, prompted major rating agencies like Moody's and Fitch to suspend or pause data feeds to the NAIC, temporarily halting the assignment of investment designations for insurer portfolios. While the stolen data includes some publicly available information and outdated logs, the NAIC stated there is no evidence that personally identifiable information or financial account data was compromised, and its regulatory filing systems remain secure. This incident marks the first public confirmation of a victim in a broader campaign targeting over 100 organizations using Oracle PeopleSoft, raising concerns about data flow security in the insurance regulatory sector.