Home
>
Data Breach>NAIC

NAIC Data Breach: 3.1TB of Data Compromised

Published
June 22, 2026
Updated
June 22, 2026
NAIC Data Breach: 3.1TB of Data Compromised
NAIC
Affected by the data breach? You may be entitled to compensation. Submit a claim today.

The National Association of Insurance Commissioners (NAIC), a nonprofit organization that helps insurance regulators from all 50 states set standards and protect consumers, disclosed a data breach involving unauthorized access to its systems.

The NAIC discovered the breach on or about June 11, 2026, and posted a notice on its website with updates on June 17 and June 18. The investigation remains ongoing.

On or about June 11, 2026, the NAIC identified unauthorized access to its PeopleSoft system by an unknown third party. The incident has been identified as a ransomware attack.

According to dark web intelligence, a threat actor known as ShinyHunters claimed responsibility for the breach on June 18, 2026, posting on a forum hosted on the Tor network. The group claimed to have obtained 3.1 terabytes of data from the NAIC, alleging that multiple systems were affected, including INSData, Vision credit feeds, SERFF, OPTINS, UCAA, EDP and RDC.

The data allegedly obtained includes regulatory filings, statistical reports, insurer financial statements and rating agency files containing financial identifiers such as CUSIP and ISIN numbers.

At this stage, the NAIC has not confirmed what specific information was accessed or whether any personal information was involved.

NAIC's response to the breach

After detecting the unauthorized access, the NAIC promptly activated its incident response procedures and took steps to contain the situation, according to its notice. The organization engaged outside cybersecurity experts and is coordinating with law enforcement as part of its ongoing investigation.

The NAIC has committed to notifying individuals directly if it determines their personal information was involved in the breach. Additionally, the NAIC has asked anyone who receives a suspicious communication claiming to come from the organization not to respond or click any links. Instead, individuals should preserve the message and report it to cyberincident@naic.org.

The organization has stated it will continue to update its security notice page as more information becomes available.

SUBMIT YOUR CLAIM TO THE LAW FIRM HANDLING THIS INVESTIGATION

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
NAIC
Consumers Notification date
Date of Breach
Breach Discovered Date
June 11, 2026
Total People Affected
Information Types Exposed

Data Breach Settlements

OBI Seafoods $380,280 Data Breach Class Action Settlement
Nth Degree Data Breach Class Action Settlement
WaterStreet Co. Data Breach Class Action Settlement
Okanogan Behavioral Healthcare Data Breach Settlement
Calibrated Healthcare Systems $1.75M Data Breach Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Solventum Data Breach Affects Exposes PHI and PII of Patients
June 22, 2026
Solventum Data Breach Affects Exposes PHI and PII of Patients
Boyd Bros. Transportation Data Breach: SSNs and Personal Contact Information Exposed
June 22, 2026
Boyd Bros. Transportation Data Breach: SSNs and Personal Contact Information Exposed
Kentucky Mountain Health Breach Compromises SSNs and Medical Records
June 22, 2026
Kentucky Mountain Health Breach Compromises SSNs and Medical Records
Wills Point Chevrolet Data Breach Exposes Social Security Numbers and Health Information
June 22, 2026
Wills Point Chevrolet Data Breach Exposes Social Security Numbers and Health Information