The educational book giant McGraw Hill has confirmed that it has been the victim of a security breach that has resulted in a significant data leak.
According to information gathered by services like Have I Been Pwned, the breach may have affected 13.5 million accounts, with 100 GB of data in the hands of the thieves.
Among the details accessed by the cybercriminals are email addresses, names, phone numbers, and physical addresses.
The attack has been attributed to the ransomware group ShinyHunters, which listed the company on its leak portal on the dark web and threatened to publish the data if its extortion demands were not met.
The educational publisher states that the breach has not compromised critical data such as Social Security numbers, financial information, or students’ academic data.
The attacker claims to have obtained up to 45 million records with personal data (PII), a number much higher than the one indirectly acknowledged by the company.
Salesforce, entry point
McGraw Hill points to a misconfiguration in the Salesforce environment as the origin of the problem, indicating that it is an issue that could be affecting multiple organizations using this platform.
Indeed, this case is not an isolated incident but part of a much larger campaign attributed to the aforementioned group, which has been exploiting Salesforce environments and associated services for months to steal data and extort companies.
Another recent victim of the group has been the video game company Rockstar Games, as we reported in Digital Shield.
Security investigations raise the impact to more than 200 potentially affected Salesforce instances.
Among them are tech companies like Google or LinkedIn, telecoms like Verizon, luxury and fashion companies like Adidas or Cartier, airlines like Air France-KLM or Qantas, insurers like Allianz Life, or institutions like the European Commission itself.

