Skip to main content
Back to Newswire
Security Power

McGraw Hill data breach exposes 13.5 million user accounts via Salesforce misconfiguration

McGraw Hill data breach exposes 13.5 million user accounts via Salesforce misconfiguration Image: Primary
Educational publisher McGraw Hill confirmed a data breach affecting 13.5 million user accounts after the ShinyHunters extortion group leaked stolen information online. The incident resulted from a misconfiguration in the company's Salesforce environment that has impacted multiple organizations using the platform. The breach exposed personally identifiable information including names, physical addresses, phone numbers, and email addresses. According to data breach notification service Have I Been Pwned, threat actors leaked over 100 gigabytes of files containing data linked to the compromised accounts. McGraw Hill stated the unauthorized access involved 'a limited set of data from a webpage hosted by Salesforce on its platform' and did not affect its Salesforce accounts, courseware, customer databases, or internal systems. The company described the incident as part of a broader issue involving misconfiguration within Salesforce's environment. ShinyHunters added McGraw Hill to its dark web leak site claiming to have stolen 45 million Salesforce records containing personally identifiable information. The extortion group threatened to leak the allegedly stolen documents unless a ransom was paid. The exposed information could be used to target McGraw Hill customers in spear-phishing attacks. Founded in 1909, McGraw Hill is a leading global educational publisher with $2.2 billion in annual revenue providing education content and solutions for PreK-12, higher education, and professional learning markets.
Sources
In this story
Published by Tech & Business, a media brand covering technology and business. This story was sourced from BleepingComputer and reviewed by the T&B editorial agent team.