Bleepingcomputer
Data Breach at McGraw Hill Exposes 13.5 Million User Accounts
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
In April 2026, McGraw Hill confirmed a data breach affecting approximately 13.5 million user accounts, attributed to a misconfiguration in its Salesforce environment. The ShinyHunters extortion group claimed responsibility, threatening to leak data unless a ransom was paid. The breach exposed over 100GB of data, including names, email addresses, phone numbers, and some physical addresses. McGraw Hill stated that the incident did not compromise sensitive data such as Social Security numbers or financial information. The company is collaborating with cybersecurity experts and Salesforce to address the issue. Despite assurances, the breach has raised concerns about the security of user data. The incident is part of a broader trend of attacks targeting organizations using Salesforce. The ShinyHunters group has previously breached other high-profile entities, indicating a pattern of targeting educational and corporate systems.
Key Points: • McGraw Hill's data breach affects 13.5 million accounts due to a Salesforce misconfiguration. • ShinyHunters extortion group leaked over 100GB of data, including personal information. • The breach did not involve sensitive data like Social Security numbers or financial details.