- ShinyHunters Adds McGraw Hill to Data Leak Site, Demands Ransom by April 14, 2026
- Group Claims Theft of 45 Million Salesforce Records, Contradicting Company’s ‘Limited Data’ Claim
- McGraw Hill claims misconfiguration in Salesforce led to exposure, no SSN, financial or student data was compromised
American educational science company McGraw Hill has confirmed that it suffered a data breach and lost sensitive internal data after the infamous ransomware collective ShinyHunters added it to its data leak website.
In a statement shared with BeepComputerthe company said the incident was not the result of a breach of its systems, but rather the exploitation of a misconfiguration:
“McGraw Hill recently identified unauthorized access to a limited set of data from a Salesforce-hosted web page on its platform,” the company said. “This activity appears to be part of a larger issue involving misconfiguration within the Salesforce environment that has affected multiple organizations that work with Salesforce. »
Article continues below
ShinyHunters activity
The company further emphasized that the incident did not involve unauthorized access to its Salesforce accounts, customer databases, courseware, or internal systems. Social Security Numbers (SSNs), financial account information, or student data generated by educational platforms have not been compromised.
Days earlier, the ShinyHunters ransomware group added McGraw Hill to its data leak website and said it had until April 14, 2026, to pay a ransom demand or see the stolen data leak onto the dark web.
It claims to have stolen 45 million Salesforce records containing personally identifiable information (PII), contradicting McGraw Hill’s assessment that the data is of little importance.
ShinyHunters is currently among the most active threat actors. It started as a ransomware actor, but quickly stopped deploying encryptors and focused entirely on data exfiltration and extortion.
A few weeks ago, he broke into the analytics company Anodot, through which he accessed Snowflake accounts belonging to more than a dozen companies. He exfiltrated most of the data from there and is currently extorting victims. At the same time, it released 78.6 million documents stolen from game development giant Rockstar Games before the deadline even expired.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
