Infinite Campus Data Breach Exposes 137, Users Personal
Infinite Campus, a widely used student information system in U.S. K-12 schools, has disclosed a data breach affecting approximately 137,000 individuals.
The incident has been linked to the ShinyHunters cybercriminal group, known for carrying out large-scale data theft and extortion campaigns. The breach occurred in March 2026 as part of a “pay or leak” operation.
Attackers stole sensitive data and demanded ransom to prevent its public release, but after claiming their demands were ignored, ShinyHunters published the allegedly stolen dataset.
According to Have I Been Pwned reports and company disclosures, the exposed data includes email addresses, names, phone numbers, physical addresses, usernames, job titles, employers, and internal support tickets.
Infinite Campus stated that much of the data consists of directory information about school staff, which is often publicly available on institutional websites. However, cybersecurity experts warn that aggregating such data into a single dataset increases the risk of misuse.
Although the breach primarily impacts school staff rather than students, the exposure of support tickets may provide additional context about internal systems, potentially aiding threat actors in crafting targeted attacks.
The full technical details of how the attackers gained access have not yet been disclosed. However, the nature of the data suggests possible compromise of backend systems or support infrastructure.
ShinyHunters has previously been associated with breaches involving exposed databases and stolen credentials. The group often distributes stolen data through underground forums to pressure organizations and amplify reputational damage.
Their continued activity highlights persistent weaknesses in access controls and data protection practices across organizations that handle large volumes of user information.
Infinite Campus has begun notifying affected individuals and is advising users to remain cautious. Even if the exposed information appears low-sensitivity, it can still be leveraged for phishing, identity-based attacks, and social engineering campaigns.
Security professionals recommend that affected users update their passwords to strong, unique combinations and enable multi-factor authentication wherever possible.
Users should also monitor their accounts for suspicious activity and be cautious of unexpected emails or messages referencing school-related services.
This incident underscores the growing cybersecurity risks facing education technology platforms. It also highlights how seemingly routine data, when exposed at scale, can become a valuable resource for cybercriminal operations.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.


