Infinite Campus reports hack after ShinyHunters extortion attempt

BleepingComputer reports that U.S. education technology firm Infinite Campus has disclosed a data breach stemming from the hack of an employee's Salesforce account after the ShinyHunters threat operation threatened to leak data purportedly pilfered from the popular K-12 student information system provider on March 25. Investigation into the incident revealed that only names and contact details for school staff, as well as other typically publicly available data, had been accessed by attackers, while no customer databases were compromised, said Infinite Campus founder and CEO Charlie Kratsch in breach notices provided to customers. Aside from deactivating some services for customers without IP address restrictions, Infinite Campus which stressed its refusal to engage with hackers noted to have facilitated widespread Salesforce intrusions has also commenced scanning all Salesforce data alongside its partners. Such an incident comes more than a year after 62 million students across the U.S. had their sensitive information compromised in the PowerSchool hack.