The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts following a breach of the edtech company's Salesforce environment. The stolen data was disclosed earlier this month.
McGraw Hill, one of the world's largest educational technology companies, confirmed the security incident affecting its user base. The breach occurred within the company's Salesforce infrastructure, a common attack vector for threat actors targeting enterprise systems.
ShinyHunters, the extortion group responsible for the leak, has made the stolen data publicly available. The compromised accounts represent a significant portion of McGraw Hill's user base, which includes students, educators, and institutional clients across multiple platforms.
McGraw Hill serves millions of users globally through its education technology platforms, digital learning tools, and assessment systems. The breach potentially exposes personal information associated with these accounts, though the company has not yet detailed the specific data categories affected.
This incident marks another major security event targeting educational institutions and edtech providers. In recent years, the sector has become increasingly attractive to threat actors seeking valuable user data and institutional information.
Companies relying on third-party platforms like Salesforce face inherited security risks. While Salesforce itself remains widely used, misconfigured instances and inadequate access controls have proven vulnerabilities in enterprise deployments.
McGraw Hill has not announced mandatory password resets or detailed remediation steps for affected users. The company typically faces regulatory scrutiny under various education privacy laws and data protection regulations depending on jurisdictions served.
Users of McGraw Hill platforms should monitor accounts for suspicious activity and consider changing credentials as a precautionary measure. The company is expected to issue formal guidance to affected users in coming days.
A hacker accessed Suno's source code, revealing details about how the AI music platform scraped millions of songs. Suno confirmed a November breach but stated no sensitive personal data was compromised.
Federal prosecutors have unsealed a 2024 indictment charging three Russian nationals and two web hosting services with facilitating cyberattacks and money laundering that victimized cybercrime targets of $62 million.
A hacker accessed Suno's source code using stolen employee credentials, revealing that the AI music generator scraped decades of audio from YouTube to train its model.
Criminals can now clone voices with AI in mere seconds, outpacing traditional authentication defenses that banks and financial institutions rely on to prevent fraud.