• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Contact Us
  • Post A Job

Agency Checklists

Massachusetts Insurance News & Job Opportunities

  • AC Interviews
  • Agency M&A
  • Career News
  • CAR News
  • DOI News
  • Coverage Cases
  • Innovation
  • InsurOp-Eds
  • AC Podcast
You are here: Home / Latest News / NAIC Provides New Details on Cybersecurity Incident, Data Access, and Regulatory Reporting

NAIC Provides New Details on Cybersecurity Incident, Data Access, and Regulatory Reporting

July 6, 2026 by AC Editor

Cybersecurity concept illustrating the NAIC's report that an Oracle PeopleSoft zero-day vulnerability enabled unauthorized access to portions of its website environment.

Background on the initial incident

On June 11, 2026, the National Association of Insurance Commissioners announced that unauthorized access had occurred in a portion of its website environment. Apparently, access was gained via an Oracle PeopleSoft vulnerability. While in PeopleSoft, the unauthorized party accessed and obtained information needed to gain temporary access to certain data storage areas on the NAIC website.

The NAIC said the incident was promptly contained after it was detected, and the organization engaged outside counsel and cybersecurity experts. The NAIC also said it is coordinating with the FBI. According to the NAIC, the incident resulted from a broader campaign exploiting a previously unknown Oracle PeopleSoft “zero-day” vulnerability that affected multiple organizations. The NAIC said it primarily uses PeopleSoft for internal financial reporting

The organization also confirmed that the individual or group responsible has published data from the incident and that it is working with an external data consultant to compare the published material with its own preliminary analysis.

NAIC Details the Scope of Accessed Data

In a July 2 update, the NAIC provided additional details about the information affected by the cybersecurity incident that occurred in June. In particular, it addressed the impact of the breach on insurers’ regulatory reporting. The organization said the statutory financial reporting information accessed by the unauthorized party consisted of annual and quarterly financial statements made publicly available through its InsData system. It said confidential information excluded from InsData, including Risk-Based Capital data and the Supplemental Compensation Exhibit, was not accessed.

Addressing concerns about regulatory reporting, the NAIC explained that some credit rating providers suspended their rating symbol data feeds after learning of the incident, prompting the organization to temporarily suspend assigning new NAIC Designations based on those feeds beginning June 18. To avoid disrupting second-quarter financial reporting, the NAIC said insurers may continue to use the NAIC Designations published in AVS+ as of June 17 until the rating feeds are restored. The NAIC said quarterly filings due August 15 should not be delayed.

The organization also said there is no evidence that confidential insurer information, policyholder information, producer data, personally identifiable information, banking or payment information, or insurer-specific investment portfolio information was accessed or released. It further stated that no confidential, proprietary, trade secret, or otherwise restricted insurer submissions were involved because the affected repository supported InsData’s public financial reporting database.

Regulatory systems remain operational

While confirming that data was exfiltrated, the NAIC said the information obtained consisted of publicly available statutory financial reporting data, credit rating agency rating determinations, and some routine technical information, such as outdated logs and configuration data.

The organization added that its Online Premium Tax for Insurance (OPTins) system was not affected, the unauthorized party no longer has access to its environment, and insurers should continue to expect updates through the NAIC’s cybersecurity, annual statement, and government relations contacts, as well as postings on the organization’s website.

Future updates will be posted on the NAIC website

The NAIC urged interested parties to continue to monitor its website, where the Association will publish updates on the incident as they become available.

The NAIC had cyber insurance

Finally, it is worth noting that the NAIC did indeed have cyber insurance, stating on its update page that it has been in contact with its cyber insurance carrier. 

Primary Sidebar

Search Our Archives Here

Job Board

Career News

Union Mutual Insurance Company President and CEO Lisa Keysar, who announced her retirement effective December 31, 2026.

Union Mutual Celebrates the Career of Lisa Keysar and Announces Next Chapter in Leadership

The winner of the MAIW/Essex Chapter Scholarship for 2026

The Winners Of The MAIW’s Essex/Middlesex Chapter 2026 Estelle Jeter Scholarship

Smiling woman in a dark blazer and blue top, posing for a professional headshot against a neutral gray background.

Sarah Jarvis Joins Vermont Mutual as Vice President and Chief Administrative Officer

View All

MA Division of Insurance Advertisements

Official notice on Commonwealth of Massachusetts Division of Insurance letterhead dated July 1, 2026, regarding license amendment for OBI America Insurance Company at Plymouth, MN address for Accident and Health insurance in the Commonwealth.
Official notice from the Commonwealth of Massachusetts Division of Insurance about OBI National Insurance Company’s license amendment, dated July 1, 2026, with address block and filing instructions.
Official Massachusetts Division of Insurance notice to General Security National Insurance Company about amending its foreign license to transact property and casualty insurance, dated July 1, 2026.

Listen Now

Sponsor

Interviews

From Nuptials, Tickets, and Taxes to Trusted Advisor: One Agency’s Unique Path to P&C Success

A Conversation with Evan Silverio, President & CEO of Silverio Insurance Group

Deland, Gibson Celebrates 125 Years: A Conversation with CEO Chip Gibson

The Fourth-Generation Family-Owned Agency is Based in Wellesley

Talking with Richard Welch: Growth and Innovation at Hospitality Mutual | Agency Checklists

Talking with Richard Welch: Growth and Innovation at Hospitality Mutual

Mr. Welch is CEO of Massachusetts-based Hospitality Insurance Group

Born and Bred in the Bay State: The Special Agent Story

Our Latest Agency Interview is with the Founder & President of Special Agent

A Conversation with Daniel C. Bridge – The 2023 Insurance Professional of the Year

Daniel Bridge is Board Chair, President, and CEO of Vermont Mutual Insurance Group

Making The Leap From Corporate to Entrepreneur: Nadeen Vella On Building NaVella Insurance From Scratch

Making The Leap From Corporate to Entrepreneur: Nadeen Vella On Building NaVella Insurance From Scratch

Our latest Agency Interview is with Nadeen Vella, the founder and owner of a virtual scratch independent agency.

View All

InsurOp-Eds

InSurOp-Ed: In Claim Disputes, Disregard Case Law At Your Own Risk

InSurOp-Ed: In Claim Disputes, Disregard Case Law At Your Own Risk

By Bill Wilson

Agency Checklists, MA Insurance News, Mass. Insurance News, Bill Wilson, Insurance Commentary

InSurOp-Ed: Beware Online COI Systems!

By Bill Wilson

Agency Checklists, MA Insurance News, Mass. Insurance News, Insurance Claims, How to make an insurance claim after a natural disaster

The REAL Customer Experience

By Bill Wilson

Agency Checklists, MA Insurance News, Mass. Insurance News, Google, CapitalG, Investments in insurance innovation

InSurOp-Ed: The CGL Policy and Faulty Workmanship

By Bill Wilson

View All

In Memoriam

Gordon Elliott Taylor, longtime owner of the Blackmer Insurance Agency in Shelburne, Massachusetts, who served the local insurance community for decades.

In Memoriam: Gordon Elliott Taylor

William R Berkley founder of W R Berkley Corporation and leader in commercial insurance industry

W. R. Berkley Corporation Announces the Passing of Its Founder and Executive Chairman, William R. Berkley

Michael R Quinn longtime leader of Allan M Walker Insurance Agency in Taunton Massachusetts

Taunton Insurance Leader Michael R. Quinn Dies at 70

Footer

Contact us

We offer a variety of ways to get help promote your company or product.

Announcements
Email Sponsorships
Partnerships
Custom Collaborations

*Affiliate Disclosure

Please note that any of Agency Checklists’ articles might contain one or more affiliate links. This means that any subsequent purchase resulting from these links may result in a commission for us, but at no additional cost to you. For example, as an Amazon Associate, Agency Checklists earns a commission from all qualifying purchases. By working with affiliates we can continue to keep Agency Checklists subscription free. Thank you for your support.

Explore Our Archives

Copyright © 2026 · Agency Checklists · All rights reserved.

Loading Comments...