19.03.2026
2 min
632
One of the largest education platforms in the US, Infinite Campus, has been hit by a cyberattack. A group believed to be linked to ShinyHunters claims to have stolen data and is demanding a ransom, threatening to leak the information.
The incident occurred on March 18 when an attacker gained access to an employee’s Salesforce account. Security systems detected suspicious activity and the account was quickly disabled.Later that day, the attacker contacted the company, claiming affiliation with a group known for targeting Salesforce accounts. They demanded payment in exchange for deleting the stolen data. Infinite Campus stated it will not negotiate with the attacker.
According to the company’s CEO, the attackers did not access core customer databases. The breach was limited to a Salesforce instance containing names and contact details of school staff.
As a precaution, some services were restricted for customers without IP filtering. The company, along with external cybersecurity experts, is currently auditing all potentially affected data.
ShinyHunters has previously targeted Salesforce environments using social engineering techniques. On their leak site, they claim to possess personally identifiable information and internal corporate data.
“This is a final warning to reach out by 25 Mar 2026 before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.”
Infinite Campus serves over 11 million students across more than 3,200 school districts in 46 US states, making the potential impact significant.
ShinyHunters is known for multiple high-profile data breaches and extortion campaigns. Their methods often involve phishing or social engineering to compromise employee accounts, followed by ransom demands.
Although the company claims limited exposure, this attack highlights how even large-scale education platforms remain vulnerable. Third-party services like Salesforce increasingly become weak points in cybersecurity defenses.
