Digital insurer Honeycomb Insurance is expanding into Nevada roughly one month after receiving a $40 million funding round.
The company’s recent launches include operations in Kansas and Missouri.
Honeycomb’s digital platform is designed to enable agents to quote and bind policies quickly using only a property address for initial eligibility. Agents will ha
ve access to Honeycomb’s admitted and non-admitted habitational products, as well as excess liability coverage.
Honeycomb is headquartered in Chicago, with offices in the U.S. and Israel. The company specializes in landlord and condominium associations and now offers coverage in 24 states.
The NAIC said the cyber incident was the result of a broad campaign that affected multiple organizations to exploit a zero-day vulnerability in Oracle PeopleSoft. NAI
C uses PeopleSoft primarily for internal financial reporting purposes, it said in a June 23 update of the situation.
No personally identifiable information or payment information—including credit card or banking information—was accessed, said NAIC. It added that the “in
cident was promptly contained” after its detection on June 11. The association “engaged outside counsel and cybersecurity experts. FBI coordination is underway.”
NAIC also said its cyber insurance carrier was contacted.
There has been no confirmation that data from its environment has been published or released, said the NAIC, which provides data, technology, and analy
sis to insurance commissioners used in the regulation of the insurance industry. The systems of state insurance departments were not affected, the association said.
Watch More Image Part 2 >>>
Cybersecurity experts have remediated the affected systems and additional steps have been taken to shore up defenses. “We are meeting with credit rating providers to provide third-party assurances that our systems are secure,” NAIC said.
“If the data is released by the group responsible, we will engage cybersecurity experts to co
mpare our data with what affected systems have been remediated,” NAIC added.
The hackers claimed to have access to technology provided by the NAIC such as the System for Electronic Rate and Form Filing (SERFF), Online Premium Tax for
Insurance (OPTins), Uniform Certificate Authority Application (UCAA), Enterprise Data Platform (EDP), and Regulatory Data Collection (RDC). However, the a cybersecurity
firm has this information was not taken. No employee data, electronic funds transfer, risk-based capi
tal data, policyholder information, producer data, or event registration payment information was accessed, the internal investigation concluded.
According to multiple online resources, the ShinyHunters ransomware group claimed to have breached NAIC, and allegedly stole 3.1 terabytes of data—more than 105,000 files.
