CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 16, 2026

Infinite Campus Data Breach Exposes 137,000 Users Personal Details

Cybersecurity News Archived Jun 16, 2026 ✓ Full text saved

Infinite Campus, a widely used student information system in U.S. K-12 schools, has disclosed a data breach affecting approximately 137,000 individuals. The incident has been linked to the ShinyHunters cybercriminal group, known for carrying out large-scale data theft and extortion campaigns. The breach occurred in March 2026 as part of a “pay or leak” operation. […] The post Infinite Campus Data Breach Exposes 137,000 Users Personal Details appeared first on Cyber Security News .

Full text archived locally
✦ AI Summary · Claude Sonnet


    HomeCyber Security News Infinite Campus Data Breach Exposes 137,000 Users Personal Details By Abinaya June 16, 2026 Infinite Campus, a widely used student information system in U.S. K-12 schools, has disclosed a data breach affecting approximately 137,000 individuals. The incident has been linked to the ShinyHunters cybercriminal group, known for carrying out large-scale data theft and extortion campaigns. The breach occurred in March 2026 as part of a “pay or leak” operation. Attackers stole sensitive data and demanded ransom to prevent its public release, but after claiming their demands were ignored, ShinyHunters published the allegedly stolen dataset. Infinite Campus Data Breach Exposes According to Have I Been Pwned reports and company disclosures, the exposed data includes email addresses, names, phone numbers, physical addresses, usernames, job titles, employers, and internal support tickets. Infinite Campus stated that much of the data consists of directory information about school staff, which is often publicly available on institutional websites. However, cybersecurity experts warn that aggregating such data into a single dataset increases the risk of misuse. Although the breach primarily impacts school staff rather than students, the exposure of support tickets may provide additional context about internal systems, potentially aiding threat actors in crafting targeted attacks. The full technical details of how the attackers gained access have not yet been disclosed. However, the nature of the data suggests possible compromise of backend systems or support infrastructure. ShinyHunters has previously been associated with breaches involving exposed databases and stolen credentials. The group often distributes stolen data through underground forums to pressure organizations and amplify reputational damage. Their continued activity highlights persistent weaknesses in access controls and data protection practices across organizations that handle large volumes of user information. Infinite Campus has begun notifying affected individuals and is advising users to remain cautious. Even if the exposed information appears low-sensitivity, it can still be leveraged for phishing, identity-based attacks, and social engineering campaigns. Security professionals recommend that affected users update their passwords to strong, unique combinations and enable multi-factor authentication wherever possible. Users should also monitor their accounts for suspicious activity and be cautious of unexpected emails or messages referencing school-related services. This incident underscores the growing cybersecurity risks facing education technology platforms. It also highlights how seemingly routine data, when exposed at scale, can become a valuable resource for cybercriminal operations. Follow us on Google News, LinkedIn, and X to Get More Instant Updates. Tags cyber security cyber security news Copy URL Linkedin Twitter ReddIt Telegram Abinayahttps://cybersecuritynews.com/ Abi is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space. Trending News Hackers Abuse Fake Utility Downloads to Install ScreenConnect and Mine Cryptocurrency Hackers Exploiting LiteLLM RCE Vulnerability in the Wild to Run Arbitrary Commands GitHub to Automate Disable npm Script Installs to Block Supply Chain Attacks Anthropic Updated Privacy Policy to Include Identity Verification for Claude Users Microsoft Defender Now Monitors RPC Protocol Abuse by Hackers Latest News Cyber Security News Ransomware Ecosystem Consolidates Around LockBit Alumni, Qilin, Hyflock, and The Gentlemen Cyber Security News Hackers Abuse Legitimate RMM Tools in The Quarry IRS and SSA Phishing Campaigns Cyber Security News LiteSpeed cPanel Plugin 0-Day Vulnerability Actively Exploited in the Wild Cisco Cisco SD-WAN vManage Vulnerability Exploited in Zero-Day Attacks Cyber Security News Nearly 14,000 SimpleHelp Servers Exposed Amid Critical Authentication Bypass Disclosure
    💬 Team Notes
    Article Info
    Source
    Cybersecurity News
    Category
    ◇ Industry News & Leadership
    Published
    Jun 16, 2026
    Archived
    Jun 16, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗