INSPECTING ARCHIVED INTELLIGENCE (OUTDATED VERSION).
ShinyHunters PeopleSoft Breach Exploit Targets Public Data
| 2026-06-29 20:30 CRITICAL LOWExecutive Summary AI-generated
The ShinyHunters extortion group has breached the systems of numerous organizations, including the National Association of Insurance Commissioners (NAIC), a U.S. insurance regulatory organization present in all 50 states. The breach occurred after an unauthorized party exploited a zero-day vulnerability in an Oracle PeopleSoft server, resulting in the theft of publicly available data and outdated logs. This is not the first time ShinyHunters has targeted organizations with stolen data, including education sector targets that had previously been extorted by the group.
Technical Mitigations AI-generated
* Implement a robust security patching strategy to address zero-day vulnerabilities like CVE-2026-35273, and regularly update software and systems with the latest security patches.
* Conduct regular vulnerability scanning and penetration testing to identify potential entry points for attackers and ensure that defenses are up-to-date.
* Use secure coding practices and follow best security guidelines when developing or deploying applications, such as using secure authentication mechanisms and validating user input.
* Regularly review and update incident response plans to ensure that they remain effective in responding to emerging threats like ShinyHunters' PeopleSoft breach.
* Consider implementing a cloud security gateway or network access control (NAC) system to provide additional protection against lateral movement within networks.
Intelligence Metadata
Actors / Malware / CVEs / Campaigns
CVE-2026-35273CVE-2026-35273
Target & Sectors
EUROPE
EUROPE
NORTH_AMERICA
NORTH_AMERICA
educationeducation
Incident Timeline
2026/06/08
Threat actors exploited CVE-2026-35273 in a PeopleSoft breach targeting around 454,600 current and former students of the UK university.
Click on any entity below to view its context and source!
target_region
United Kingdom
Last week, the crims listed the UK uni on their leak site, then dumped data belonging to around 454,600 current and former students, including personal and academic records.
general_metric
454,600 current students
Last week, the crims listed the UK uni on their leak site, then dumped data belonging to around 454,600 current and former students, including personal and academic records.
vulnerability
CVE-2026-35273
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
organisation
Google
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
organisation
IP
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
general_metric
100 global orgs
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
June 11
The PeopleSoft system of the identified organization was accessed by an unauthorized party on June 11.
June 25
ShinyHunters used AWS infrastructure configs to target the National Association of Insurance Commissioners' (NAIC) systems.
Click on any entity below to view its context and source!
infrastructure
3.1
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
Vision
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
SERFF
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
UCAA
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
data_breach
3.1 TB
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
data_breach
105,000 files
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
general_metric
264,000 insurer
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
financial
2,000 payment records
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
general_metric
45,000 rating agency
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
between 2017 and 2024
ShinyHunters used AWS infrastructure configs to store stolen data.
Click on any entity below to view its context and source!
infrastructure
3.1
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
Vision
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
SERFF
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
organisation
UCAA
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
data_breach
3.1 TB
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
data_breach
105,000 files
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
general_metric
264,000 insurer
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
financial
2,000 payment records
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
general_metric
45,000 rating agency
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
between May 27 and June 9
Threat actors exploited CVE-2026-35273 in the PeopleSoft breach targeting more than 100 global organizations between May 27 and June 9.
Click on any entity below to view its context and source!
vulnerability
CVE-2026-35273
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
organisation
Google
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
organisation
IP
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
general_metric
100 global orgs
Meanwhile, a Google threat report published late last week
noted malicious activity
, “consistent with the exploitation of CVE-2026-35273,” between May 27 and June 9, and said that its incident responders notified more than 100 global orgs “whose IP addresses correlated with potentially vulnerable endpoints.
2026/06/29
ShinyHunters stole public data from Instructure's PeopleSoft digital learning platform.
Click on any entity below to view its context and source!
organisation
Council
A spokesperson for the cybercrime group told us that the Council is yet another victim of the Oracle PeopleSoft heist.
victims
100 organizations
ShinyHunters
previously told us
that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the
University of Nottingham
.
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
ShinyHunter's hacking spree using the zero-day (CVE-2026-35273) in the PeopleSoft enterprise system has allegedly impacted more than 100 organizations.
organisation
CVE
ShinyHunters
previously told us
that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the
University of Nottingham
.
organisation
the
University of Nottingham
ShinyHunters
previously told us
that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the
University of Nottingham
.
organisation
Oracle PeopleSoft
The National Association of Insurance Commissioners (NAIC) says the ShinyHunters extortion group stole only publicly available data, outdated logs, and configuration files after breaching its systems by exploiting a zero-day vulnerability in an Oracle PeopleSoft server.
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
data_breach
429,000 pilfered files
According to a post on the extortion crew’s data-leak site, the 429,000 pilfered files contain HR and payroll records, payslips, purchase-order records, CVs, and employees’ salary, banking, tax, and medical records.
organisation
Canvas
In mid-May, ed-tech giant Instructure said it “
reached an agreement
” - this is corporate-speak for “paid the ransom demand” - with the data theft and extortion crew after
ShinyHunters breached its Canvas
digital learning platform and accessed data tied to 275 million students, teachers, and staff.
organisation
the Council of Europe
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
data_breach
297 GB
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
organisation
ShinyHunter
ShinyHunter's hacking spree using the zero-day (CVE-2026-35273) in the PeopleSoft enterprise system has allegedly impacted more than 100 organizations.
organisation
The Register
’s
Oracle has yet to respond to
The Register
’s inquiries, and it's unclear if the vulnerability, tracked as
CVE-2026-35273
, has been patched.
organisation
NAIC
NAIC says public data stolen in ShinyHunters' PeopleSoft breach.
organisation
ShinyHunters
NAIC says public data stolen in ShinyHunters' PeopleSoft breach.
Council of Europe hacked in ShinyHunters' PeopleSoft heist.
organisation
PeopleSoft
NAIC says public data stolen in ShinyHunters' PeopleSoft breach.
Council of Europe hacked in ShinyHunters' PeopleSoft heist.
organisation
Council of Europe
Council of Europe hacked in ShinyHunters' PeopleSoft heist.
organisation
PII
According to NAIC, the investigation found no evidence of personally identifiable information (PII) or financial data having been exposed and directly disputed the threat actor’s earlier claims that they compromised critical insurance regulatory platforms like SERFF (System for Electronic Rate and Form Filing), OPTins (Online Premium Tax for Insurance), and SBS (State-Based Systems).
organisation
SERFF (System for Electronic Rate
According to NAIC, the investigation found no evidence of personally identifiable information (PII) or financial data having been exposed and directly disputed the threat actor’s earlier claims that they compromised critical insurance regulatory platforms like SERFF (System for Electronic Rate and Form Filing), OPTins (Online Premium Tax for Insurance), and SBS (State-Based Systems).
organisation
OPTins
According to NAIC, the investigation found no evidence of personally identifiable information (PII) or financial data having been exposed and directly disputed the threat actor’s earlier claims that they compromised critical insurance regulatory platforms like SERFF (System for Electronic Rate and Form Filing), OPTins (Online Premium Tax for Insurance), and SBS (State-Based Systems).
organisation
State-Based Systems
According to NAIC, the investigation found no evidence of personally identifiable information (PII) or financial data having been exposed and directly disputed the threat actor’s earlier claims that they compromised critical insurance regulatory platforms like SERFF (System for Electronic Rate and Form Filing), OPTins (Online Premium Tax for Insurance), and SBS (State-Based Systems).
organisation
BleepingComputer
However
Source: BleepingComputer
However, according to the threat actor, the latest published inventory was validated by a human reviewer and should be considered accurate.
organisation
BleepingComputer
BleepingComputer reported about the
threat actor's zero-day attacks
before Oracle disclosed the security issue publicly.
organisation
Oracle
BleepingComputer reported about the
threat actor's zero-day attacks
before Oracle disclosed the security issue publicly.
organisation
EDR
The Picus whitepaper shows how breach and attack simulation tests your SIEM and EDR rules so threats stop slipping by detection.
organisation
The Register
A Council of Europe spokesperson told
The Register
that it is “currently investigating the matter and assessing the situation,” but declined to comment further.
organisation
Salesforce
In March, ShinyHunters claimed it stole data from K-12 software provider
Infinite Campus
as part of a broader wave of Salesforce-related intrusions.
organisation
Infinite Campus
The ed tech company did not pay up, and the group subsequently published data they claim was stolen from Infinite Campus, including
137,000 individuals’ email addresses
along with names, phone numbers, physical addresses and support tickets.
Tactical Metrics
Metrics
infrastructure
3.1
Software Version
Click for context!
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
Metrics
data_breach
3
Tb
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
Metrics
data_breach
105,000
Files
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
Metrics
financial
2,000
Payment Records
In an announcement updated on June 25, ShinyHunters claims to hold 3.1 TB of data corresponding to 105,000 files stolen from NAIC's systems:
INSData and Vision servers
264,000 insurer regulatory filing PDFs between 2017 and 2024
2,000 customer/order/payment records
45,000 rating agency files
AWS infrastructure configs
Stored credentials for SERFF, OPTins, and UCAA production environments
The hackers also noted in the update that a previous summary of the stolen data was exaggerated due to using AI hallucinations when evaluating the files.
Metrics
victims
100
Organizations
ShinyHunter's hacking spree using the zero-day (CVE-2026-35273) in the PeopleSoft enterprise system has allegedly impacted more than 100 organizations.
ShinyHunters
previously told us
that the gang exploited the CVE to compromise more than 100 organizations across 300 vulnerable instances, and that these victims included the
University of Nottingham
.
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
Metrics
data_breach
429,000
Pilfered Files
According to a post on the extortion crew’s data-leak site, the 429,000 pilfered files contain HR and payroll records, payslips, purchase-order records, CVs, and employees’ salary, banking, tax, and medical records.
Metrics
data_breach
297
Gb
CYBER-CRIME
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
ShinyHunters claims to have breached the Council of Europe and stolen more than 297 GB of data after exploiting a zero-day flaw in Oracle PeopleSoft and abusing that hole to hack more than 100 organizations.
Intelligence Sources
The Register - Cybercrime
2026-06-15
Council of Europe hacked in ShinyHunters' PeopleSoft heist
The Register - Cybercrime
BleepingComputer
2026-06-29
NAIC says public data stolen in ShinyHunters' PeopleSoft breach
BleepingComputer
Unpublish from Social Media?
Are you sure you want to delete this podcast video from all synchronized social networks (YouTube, Facebook, Threads)?
Important:
Due to Meta API restrictions, Instagram Reels cannot be deleted automatically via API by third-party apps.
View Profile to Delete Manually
View Profile to Delete Manually
Tactical Intelligence
Report Intelligence Issue
Podcast Options
Generate
Incident Version History
CURRENT VERSION
Last Updated: 2026-06-30T06:01
Comprehensive Tactical Telemetry
Highly Correlated Entities
29x
organisation
Identified Entity
The National Association of Insurance Commissioners
entity
5x
timeline
Temporal Reference
June 25
date
2x
target region
Target Country
United States
country
2x
tactic
Cyber Operation Type
Extortion
tactic
2x
general metric
%
54
%
Contextual Telemetry
Context Block
19 METRICS
industry
Targeted Sector
Education
sector
infrastructure
Software Version
3.1
version
data breach
Tb
3
tb
data breach
Files
105,000
files
general metric
Insurer
264,000
insurer
financial
Payment Records
2,000
payment records
general metric
Rating Agency
45,000
rating agency
vulnerability
Exploited CVE
CVE-2026-35273
cve
victims
Organizations
100
organizations
general metric
States
50
states
general metric
Vulnerable Instances
300
vulnerable instances
general metric
Current Students
454,600
current students
general metric
Percent
68
percent
data breach
Pilfered Files
429,000
pilfered files
general metric
Students
275,000,000
students
target region
Target Region
EUROPE
region
data breach
Gb
297
gb
general metric
Global Orgs
100
global orgs
general metric
Individuals
137,000
individuals
Click on any entity below to view its context in the main text!
Selective Unpublish
Selecciona las redes de las que quieres eliminar esta publicación. El sistema intentará borrar el post real de la API y limpiará la base de datos para que puedas volver a lanzarlo.
By navigating this website, you accept the use of strictly necessary technical cookies for session security and basic platform functionality. We do not use tracking or advertising cookies.
Read our Privacy Policy.