The ShinyHunters extortion group has leaked data from 13.5 million edtech giant McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month.
You can get more details here: Data breach at edtech giant McGraw Hill affects 13.5 million accounts
Commenting on this news is Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Most of the compromised data is contact info like addresses, phone numbers, and email addresses. While that info probably can’t be used to directly steal from victims, cybercriminals could use it to craft convincing phishing messages that contain personal info. Breach victims should be on the lookout for targeted scam and phishing messages from cybercriminals posing as McGraw Hill or a related organization. Never click on links or attachments in unsolicited messages, and never send any sensitive private info in an email or text message.”
For additional context, Comparitech researchers in February published an in-depth study looking at all education ransomware attacks in 2025. This data and analysis can be seen here: https://www.comparitech.com/news/education-ransomware-roundup-2025-stats-on-attacks-ransoms-and-data-breaches/
Like this:
Like Loading...
Related
This entry was posted on April 16, 2026 at 12:15 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
McGraw Hill Pwned with 13.5 million accounts affected
The ShinyHunters extortion group has leaked data from 13.5 million edtech giant McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month.
You can get more details here: Data breach at edtech giant McGraw Hill affects 13.5 million accounts
Commenting on this news is Paul Bischoff, Consumer Privacy Advocate at Comparitech:
“Most of the compromised data is contact info like addresses, phone numbers, and email addresses. While that info probably can’t be used to directly steal from victims, cybercriminals could use it to craft convincing phishing messages that contain personal info. Breach victims should be on the lookout for targeted scam and phishing messages from cybercriminals posing as McGraw Hill or a related organization. Never click on links or attachments in unsolicited messages, and never send any sensitive private info in an email or text message.”
For additional context, Comparitech researchers in February published an in-depth study looking at all education ransomware attacks in 2025. This data and analysis can be seen here: https://www.comparitech.com/news/education-ransomware-roundup-2025-stats-on-attacks-ransoms-and-data-breaches/
Share this:
Like this:
Related
This entry was posted on April 16, 2026 at 12:15 pm and is filed under Commentary with tags Comparitech. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.