- ShinyHunters add McGraw Hill to information leak website, demand ransom by April 14 2026
- Group claims 45 million Salesforce data stolen, contradicting firm’s “restricted information” assertion
- McGraw Hill says misconfiguration in Salesforce led to publicity, no SSNs, monetary, or pupil information compromised
American training science firm McGraw Hill has confirmed struggling a knowledge breach and dropping delicate inside information after the notorious ransomware collective ShinyHunters added it to its information leak web site.
In a press release shared with BleepingComputer, the corporate mentioned the incident was not the results of a breach of its programs, however relatively an exploitation of a misconfiguration:
“McGraw Hill lately recognized unauthorized entry to a restricted set of knowledge from a webpage hosted by Salesforce on its platform,” the corporate mentioned. “This exercise seems to be a part of a broader difficulty involving a misconfiguration inside Salesforce’s atmosphere that has impacted a number of organizations that work with Salesforce.”
Article continues beneath
Chances are you’ll like
ShinyHunters’ exercise
The corporate additional pressured that the incident didn’t contain unauthorized entry to its Salesforce accounts, buyer databases, courseware, or inside programs. Social Safety numbers (SSN), monetary account info, or pupil information generated by instructional platforms, haven’t been compromised.
A number of days prior, the ShinyHunters ransomware group added McGraw Hill to its information leak web site, and mentioned it had till April 14 2026 to pay a ransom demand, or see the stolen information leak to the darkish net.
It claims to have stolen 45 million Salesforce data with personally identifiable info (PII), which contradicts McGraw Hill’s evaluation that the info is of little significance.
ShinyHunters is at present among the many most lively menace actors on the market. It began as a ransomware participant however shortly stopped deploying encryptors and centered totally on information exfiltration and extortion.
A number of weeks in the past, it broke into an analytics firm Anodot, via which it accessed Snowflake accounts belonging to greater than a dozen firms. It exfiltrated many of the information discovered there and is at present extorting the victims. On the identical time, it printed 78.6 million data stolen from recreation improvement behemoth Rockstar Video games even earlier than the deadline expired.
The perfect antivirus for all budgets
Our prime picks, primarily based on real-world testing and comparisons
Observe TechRadar on Google Information and add us as a most popular supply to get our professional information, evaluations, and opinion in your feeds. Be sure to click on the Observe button!
And naturally you may also observe TechRadar on TikTok for information, evaluations, unboxings in video kind, and get common updates from us on WhatsApp too.
