The National Association of Insurance Commissioners has confirmed it was hit in the recent Oracle PeopleSoft zero-day attack campaign orchestrated by the ShinyHunters cybercrime group. The breach compromised publicly available financial reporting data and technical information, though NAIC says no personal or payment information was stolen, and state insurance department systems were not affected. ShinyHunters initially claimed to have stolen over 3 terabytes of data from NAIC but later revised its claims, blaming an "AI-generated misinterpretation" for the inflated figures.