Industry News & Leadership, Apr 16, 2026

McGraw Hill Confirms Data Breach Exposing 13.5 Million Users’ Personal Data

Source: Cybersecurity News. Archived Apr 16, 2026.

Education publishing giant McGraw-Hill has confirmed a data breach following an extortion attempt, with more than 100GB of stolen data now publicly distributed online, exposing the personal information of approximately 13.5 million users.

The breach, disclosed in April 2026, stems from a misconfiguration in McGraw-Hill’s Salesforce environment. According to the company, the incident exposed “a limited set of data from a webpage hosted by Salesforce on its platform.” However, the scale of the leaked data tells a broader story.

After the extortion attempt failed to yield results, threat actors publicly released the stolen dataset. According to Have I Been Pwned, the dumped files contained 13.5 million unique email addresses spread across multiple files, with additional personal data fields, including names, phone numbers, and physical addresses, appearing inconsistently across records.

What Data Was Compromised

The exposed dataset reportedly includes:

- Email addresses (13.5 million unique entries)
- Full names
- Phone numbers
- Physical addresses

Not all records contained every data field, suggesting the breach pulled from multiple database sources or that data completeness varied across user accounts.

Salesforce misconfigurations have become an increasingly common attack vector targeting enterprises that rely on the platform for customer and user data management. In this case, a misconfigured webpage appears to have made sensitive user data accessible without proper authentication controls, a critical oversight for a company handling millions of student and educator records.

McGraw-Hill serves a global audience of students, educators, and academic institutions, making the exposure of this data particularly concerning. Victims may face phishing attempts, targeted social engineering attacks, and spam campaigns leveraging the leaked contact details.

McGraw-Hill’s Response

The company has acknowledged the breach and attributed it to the Salesforce misconfiguration, though it characterized the exposed data as limited. Critics argue that 13.5 million records and over 100GB of publicly released data represent a significant incident that goes beyond a minor configuration error.

Affected users are advised to:

- Be alert to phishing emails impersonating McGraw-Hill or affiliated educational institutions
- Monitor for unsolicited calls or messages using personal details
- Consider updating passwords associated with their McGraw-Hill accounts
- Watch for suspicious activity linked to their email addresses using breach monitoring services

The incident underscores the risks that cloud platform misconfigurations pose to organizations storing large volumes of user data and the reputational and legal consequences that follow when threat actors escalate extortion attempts by going public with stolen records.