A major cybersecurity incident has put millions of McGraw Hill users at risk after the ShinyHunters extortion group leaked data tied to 13.5 million accounts.
The breach stems from unauthorized access to a Salesforce-hosted environment earlier this month, raising fresh concerns about third-party platform security and data exposure at scale.
According to a statement shared with BleepingComputer, McGraw Hill acknowledged that attackers gained access to a limited set of data through a webpage hosted on Salesforce. The company emphasized that its core systems, including courseware, internal infrastructure, and primary customer databases, were not compromised. Instead, the breach appears to have been isolated to a specific part of the Salesforce environment.
The situation escalated when ShinyHunters listed McGraw Hill on its dark web leak site, claiming to have stolen as many as 45 million Salesforce records containing personally identifiable information. The group reportedly demanded a ransom and later followed through by releasing over 100GB of data when their demands were not met.
While McGraw Hill has not disclosed an exact number of affected individuals, the breach tracking service Have I Been Pwned reports that the leaked dataset includes 13.5 million unique email addresses.
Additional information, such as names, phone numbers, and physical addresses, appears inconsistently across the files, but enough data is present to pose a real risk to users.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
