Moody Bible Institute Data Breach Exposes 2.3 Million Users’ Personal Data
Key Takeaways A significant data breach at Moody Bible Institute has exposed personal data belonging to over 2.3 million individuals. The ShinyHunters extortion group claimed responsibility,...
Key Takeaways
- A significant data breach at Moody Bible Institute has exposed personal data belonging to over 2.3 million individuals.
- The ShinyHunters extortion group claimed responsibility, publishing the stolen data after a failed “pay or leak” negotiation.
- Compromised data includes names, email addresses, dates of birth, phone numbers, physical addresses, genders, and marital statuses.
- Affected individuals are at heightened risk of identity theft, social engineering, and targeted phishing.
Moody Bible Institute Confirms Major Data Breach Affecting 2.3 Million Users
Moody Bible Institute has officially acknowledged a substantial data breach, impacting more than 2.3 million individuals. The incident came to light after the notorious ShinyHunters extortion group publicly released a trove of personal information associated with the institute’s donors, supporters, students, and alumni.
Table Of Content
ShinyHunters Extortion Campaign Leads to Data Leak
In June 2026, Moody Bible Institute became the target of a “pay or leak” extortion scheme, a common tactic employed by financially motivated threat actors like ShinyHunters. These groups exfiltrate sensitive data and then threaten public disclosure if a ransom demand is not met. Following unsuccessful negotiations, the attackers proceeded to publish the stolen dataset on various underground forums and leak sites, making good on their threat.
This incident represents one of the largest breaches to affect a faith-based educational institution in recent memory. According to HIBP, the compromised dataset contains over 2.3 million unique email addresses, along with a wealth of other personally identifiable information (PII).
In its official communication regarding the breach, Moody Bible Institute confirmed that it has “engaged both internal and external cybersecurity experts to thoroughly investigate the matter.” This statement indicates an active forensic response is underway, likely accompanied by consultations with regulatory bodies and legal counsel.
Scope of Exposed Data
The exposed records are reported to include a comprehensive array of personal data:
- Full names
- Email addresses
- Phone numbers
- Physical addresses
- Dates of birth
- Genders
- Marital statuses
This combination of data points poses risks far beyond typical phishing attempts. The presence of sensitive details such as dates of birth, marital status, and physical addresses enables the creation of detailed profiles. Such profiles are highly valuable for identity theft, sophisticated social engineering campaigns, and highly personalized phishing attacks, especially targeting demographics often associated with religious donor bases, who may be more susceptible to such ploys.
ShinyHunters has established a reputation for orchestrating large-scale data theft operations across various sectors. Their modus operandi typically involves monetizing stolen data through extortion rather than direct resale. This breach aligns with their established pattern: infiltrate systems, exfiltrate data, demand payment, and then leak the data if payment is refused.
For individuals affected by this breach, the implications extend beyond mere spam. Threat actors can leverage this granular PII, particularly the combination of full names, dates of birth, and addresses, for various malicious activities. These include account takeover attempts, synthetic identity fraud, and crafting highly convincing phishing lures that specifically reference the victim’s relationship as a donor or alumni with Moody Bible Institute.
Moody Bible Institute has not yet disclosed the initial attack vector that led to the breach, nor has it confirmed whether law enforcement agencies have been engaged in the ongoing investigation. HackersRadar will continue to monitor this situation and provide updates as further details emerge.
What You Should Do
Individuals who have donated to, studied at, or otherwise engaged with Moody Bible Institute should take immediate action to mitigate potential risks:
- Monitor Financial Accounts and Credit Reports: Regularly check for any unusual or unauthorized activity. Consider placing a fraud alert or credit freeze.
- Enable Multi-Factor Authentication (MFA): Activate MFA on all email accounts, financial services, and other critical online platforms to add an extra layer of security.
- Exercise Caution with Communications: Be highly skeptical of any unsolicited emails, calls, or messages that claim to be from or reference Moody Bible Institute, as these could be targeted phishing attempts.
- Check Exposure Status: Verify if your information was part of this breach by checking reputable services like Have I Been Pwned.
- Update Passwords: Change passwords for any accounts that may have used the same or similar credentials as those associated with your Moody Bible Institute interactions.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.