Hackers accessed data through a school platform used by millions of students across the U.S. Here’s what happened — and what this breach reveals about how attackers break in without hacking systems.
Table of Contents
What Happened
According to TechRadar, a student information system called Infinite Campus confirmed a data breach after attackers accessed an employee account on Salesforce. Salesforce is a platform that companies use to manage customer data and internal systems.
The breach happened on March 18, 2026.
The company says its security team detected the activity quickly and removed the attacker. But before losing access, they managed to extract some data.
Experts say ShinyHunters was behind the attack. The group often targets corporate systems and threatens companies.
They are now demanding money and say they may release the data if the company doesn’t pay.
What Data Was Exposed
According to the company, the attacker accessed:
- Names of school staff
- Contact information (such as email or phone details)
Importantly, Infinite Campus says:
- Student data was not targeted
- Sensitive customer records were not stolen
- Much of the exposed information is already publicly available on school websites
Attackers say they accessed additional personally identifiable information (PII), though this hasn’t been confirmed.
Why and How This Attack Happened
This wasn’t a typical “hack the system” attack.
Instead, it appears to be part of a broader campaign targeting Salesforce accounts using:
- Voice phishing (vishing) — scammers call employees and pretend to be someone they trust to get access.
- Credential theft or OAuth token access — attackers steal login details (like usernames and passwords) or gain access tokens that let them log in without a password.
- Abuse of trusted internal tools (CRM systems) — taking advantage of systems that companies use to manage customer and internal data.
According to the Federal Bureau of Investigation, phishing and impersonation remain the most commonly reported cybercrimes. They show how often attackers rely on people — not technology — to break in.
Futureproof spots your potential risks early — even when data leaks aren’t visible. Get started today to stay protected all year long.
What This Incident Proves About Modern Attacks
Even when student data isn’t stolen, incidents like this still matter because:
- Stolen staff data can be used for phishing attacks against schools
- Hackers can impersonate school officials or IT teams
- These attacks often lead to secondary breaches targeting families and students
In other words, this is often just the first step, not the final risk.
This case shows just how modern attacks work: hackers don’t always need student data. Access to staff contact details is often enough to launch convincing scams. So stay alert, be careful, and take care of your data.
At Futureproof, Kevin makes online safety feel human with clear steps, real examples, and zero fluff. He holds a degree in information technology and studies fraud trends to keep his tips up-to-date.
In his free time, Kevin plays with his cat, enjoys board-game nights, and hunts for New York’s best cinnamon rolls.
