Hello folks,
Has the educational system learned anything? If you search our blog for education, we’ve covered quite a lot of different things.
Some publications may touch on a bunch of topics, yet not stay on one. This is because they’re news oriented and just report stuff.
But here at the JRN and Jared’s Tech Podcast Network, we try to be a little bit different and show some type of pattern.
The article is coming from Bleeping Computer and is titled Data breach at edtech giant McGraw Hill affects 13.5 million accounts.
Let’s see if they’ve learned something, shall we?
A well known group, known as “Shiny Hunters” has apparently taken responsibility for this breach, and the number is not necessarily staggering, especially when you compare it to some of the other breaches, leaks and other data problems we’ve had to cover as of late.
Would anyone balk at the amount of potential victims that could be affected here?
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month.
We know that we’ve covered a bunch of salesforce issues in recent times, so this should not necessarily be surprising to a lot of my readers.
Founded in 1909, McGraw Hill is a leading global educational publisher with annual revenue of $2.2 billion, which provides education content and solutions for PreK–12, higher education, and professional learning.
If you make 2.2 billion (with a b) than how could you have such a hard time keeping accounts secure? You should really have the funding to be able to be as secure as possible.
The JRN runs on a small budget, yet, to my knowledge, this company has not had any data leaks, data breaches, loss of data since dropbox was brought in to our infrastructure as a collaberation tool, and knowing that the JRN backs up all major files including web site files.
The company confirmed ShinyHunters’ breach claims in a statement shared with BleepingComputer on Tuesday, saying the threat actors exploited a misconfiguration in the compromised Salesforce environment and that the incident didn’t affect its Salesforce accounts, courseware, customer databases, or internal systems.
So … this is a step up from our other big story of L.A. Metro, who has not confirmed a thing yet.
Just like with Metro, the agency here also found unauthorized access.
“McGraw-Hill recently identified unauthorized access to a limited set of data from a webpage hosted by Salesforce on its platform. This activity appears to be part of a broader issue involving a misconfiguration within Salesforce’s environment that has impacted multiple organizations that work with Salesforce,” a McGraw-Hill spokesperson told BleepingComputer.
This is good reporting. This is what we want to see, and both Metro and McGraw did come clean there. I’m happy for that.
What we don’t know about Metro though, is whether there could have been a misconfigured server somewhere. Why? Because all we have on that story are claims. Lots of claims. Nothing except acknowledgment of the fact there was unauthorized access is all we know there.
?While McGraw Hill has yet to share how many individuals were affected by the resulting data breach, data breach notification service Have I Been Pwned says ShinyHunters has now leaked over 100GB of files containing data linked to 13.5 million accounts.
The exposed information includes names, physical addresses, phone numbers, and email addresses, which threat actors could use to target McGraw Hill customers in spear-phishing attacks.
So at least we have some idea of what’s going on, unlike Metro, don’t my readers think?
The article continues:
“In April 2026, education company McGraw Hill confirmed a data breach following an extortion attempt. Attributed to a Salesforce misconfiguration, the company stated the incident exposed ‘a limited set of data from a webpage hosted by Salesforce on its platform’,” Have I Been Pwned said today.
“More than 100GB of data was later publicly distributed, containing 13.5M unique email addresses across multiple files, with additional fields such as name, physical address and phone number appearing inconsistently across some records.”
The article continues to talk about Shiny Hunters and what they’ve alledgedly done through recent times, and that should be no surprise to anyone.
Please feel free to read the linked article to learn all of the details on this one. I at least give Mcgrawl credit and coming out with what they had. Unlike Metro, who has not, and I’m just a committee member, that makes this much more tollerable to swallow.
McGrawl doesn’t really need every piece of info they collect to give out or to buy their educational material do they? OK, for print material and shipping yes. Payment data, I hope would be secure. But once the order is fulfilled, do you really need to keep that data around? Probably, but not on the Internet where people can find it.
It takes one misconfigured server to have everything going sideways. That’s what I’m trying to say. Nobody has learned this yet, and I think the educational system needs to learn really quick that this is not 1990 or the early 2000 period anymore. Securing your software is paramount today, and Mcgrawl did everything right to quell the damage that could’ve been caused if they didn’t.
Do let me know what you think. The comment boards await you.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.