惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Cloudflare Blog
Microsoft Security Blog
Microsoft Security Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
L
LangChain Blog
W
WeLiveSecurity
P
Proofpoint News Feed
月光博客
月光博客
NISL@THU
NISL@THU
L
LINUX DO - 最新话题
Webroot Blog
Webroot Blog
T
Threatpost
Y
Y Combinator Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
T
Threat Research - Cisco Blogs
Vercel News
Vercel News
Jina AI
Jina AI
阮一峰的网络日志
阮一峰的网络日志
S
Schneier on Security
J
Java Code Geeks
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
小众软件
小众软件
MyScale Blog
MyScale Blog
N
News and Events Feed by Topic
Stack Overflow Blog
Stack Overflow Blog
有赞技术团队
有赞技术团队
The Hacker News
The Hacker News
Schneier on Security
Schneier on Security
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Help Net Security
Help Net Security
Recent Announcements
Recent Announcements
S
Security @ Cisco Blogs
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
Securelist
T
The Exploit Database - CXSecurity.com
云风的 BLOG
云风的 BLOG
C
Cisco Blogs
雷峰网
雷峰网
量子位
Google DeepMind News
Google DeepMind News
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Spread Privacy
Spread Privacy
L
Lohrmann on Cybersecurity
I
Intezer
T
The Blog of Author Tim Ferriss
G
GRAHAM CLULEY
D
DataBreaches.Net
V
Vulnerabilities – Threatpost
P
Privacy & Cybersecurity Law Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
罗磊的独立博客

The Register - Off-Prem

AWS CloudFront outage serves errors instead of websites India’s tech services giant HCL is getting into the AI datacenter business Britain Microsoft shifts to annual exchange rate price revision for cloudy products Amazon’s Mechanical Turk to stop accepting new customers – and not even AI can save it Fire burns Google Cloud India’s network, which remains slow a week later EU sovereignty push gives tech buyers a new alphabet soup to swallow Google, Canonical team up to certify Ubuntu images for TPU VMs Arm moves into the heart of the cloud stack Snowflake to burn $6B on AWS Graviton CPUs and AI accelerators Big Tech extracts retirement-scale wealth from UK internet users, research shows Open Compute urges local government to bask in the warm glow of excess datacenter heat Google Cloud suspended major customer Railway.com without cause, causing outage Broadcom finds a VMware customer willing to stick around: London Stock Exchange Baidu says the quiet part out loud – you can’t build AI infrastructure, so clouds can cash in AWS racks M3 Ultra Macs that boast specs you can’t currently buy Tencent admits GPUs only pay for themselves when powering personalized ads Red Hat blasts RHEL 10.1 into orbit aboard Voyager's micro datacenter Sovereign cloud is only possible if you’re Chinese or American: Gartner Cloudflare to fire 1,100 staff whose jobs just aren’t AI enough AWS warns of EC2 'impairment' as power loss hits notorious US-EAST-1 region IBM Cloud evaporates as datacenter loses power Neocloud IREN buys OpenStack champion Mirantis AWS lets agents drive its virtual cloudy desktops Anthropic comes for the midmarket software spend VMware claims Cloud Foundation on track for world domination Microsoft to stop reservations for 17 Azure VMs, kill 13 DVSA shrugs off claims of week-long booking site issues ServiceNow under siege as Atlassian adds to ITSM take-outs ICANN opens applications for new gTLDs AWS says server memory shortage pushing customers to cloud Survey: US workers are not keen on Microsoft's AI Google to sell its TPUs to some customers Microsoft lifts 2026 CapEx by $25B to cover price rises Service change takes down Microsoft Outlook for iOS Google Cloud Next made it clear: AI is coming for everything Trump threatens UK with ‘big tariff’ over digital tech tax Workday, Rippling, Slack lflunk data access test: Fivetran Grafana offers AI assistant for free, warns users not to go mad UK tribunal sends £2B claim accusing Microsoft of overcharging for licensing to trial £2B Microsoft licensing claim gets go-ahead from UK tribunal The spaghettified DBMS chart that shows Oracle's crown is slowly slipping One of Europe's sovereign cloud picks may not be so-sovereign after all Europe picks 4 sovereign cloud providers, but one has Google UK weighs break clause in Palantir NHS deal Atlassian’s new data collection policy protects rich customers while AI eats the rest Atlassian to train AI on user data unless law or cash say no Users complain of UK Azure capacity problems Microsoft closes book on rogue Windows Server 2025 upgrades Britain sends 'biggest ever drone package' to Ukraine Networks not ready for the challenges of AI traffic UK told its Big Tech habit is now a national security risk Commvault has a Ctrl+Z for rogue AI agents How ServiceNow gets customers to gorge at the AI trough UK startup to supply drone interceptors for Britain, allies Digital sovereignty isn't just a buzzword – it's the future Salesforce is taking on ServiceNow in ITSM. The winner is AI Salesforce is taking on ServiceNow in ITSM. The winner is AI Snowflake manager on 'Spider-Man' theory of AI agents Amazon rejects AWS climate disclosure proposal Amazon rejects AWS climate disclosure proposal Microsoft cuts cloudy desktop prices by 20 percent Microsoft cuts cloudy desktop prices by 20 percent Google taps Intel for another round of custom network chips AWS put a file system on S3; I stress-tested it Minnesota payroll problems grew after Workday, say auditors Nutanix thinks some Azure cloud desktops belong on-prem Yahoo Japan’s consolidating 164 OpenStack clusters into one Ex-Microsoft engineer blames Azure problems on talent exodus Salesforce looks to Slackbot to help solve SaaSpocalypse ServiceNow salesman sues employer in commission dispute ServiceNow salesman sues employer in commission dispute Big Tech has not enforced Australia’s social media ban Lloyds app glitch exposed transactions to almost 500K users AWS would prefer to forget March in UAE region AWS would prefer to forget March in UAE region 'Emphathetic 'Salesforce bots to help fired via Labor Dept EFF has new boss, Nicole Ozer, to fight privacy-suckers Black Hawk drone: US Army gets self-flying chopper Smooth criminals talking their way into cloud environments, Google says NATO needs layered defenses to deal with swarms of drones NATO needs layered defenses to deal with swarms of drones CMA dithers as Microsoft's cloud meter runs on your dime Microsoft startup credits are the gift that keeps on billing SAP's grand cloud escape plan €2B short of the runway Tencent sees Tencent sees 'better pricing environment' due to AI boom Alibaba Cloud hikes prices by up to 34%, blames hardware costs and AI demand AWS spurs Catch-22, ending PostgreSQL 13 support for RDS BBC digital switch backfires as online audience falls
McGraw Hill linked to 13.5M-record data leak
Carly Page Carly Page · 2026-04-16 · via The Register - Off-Prem

Cyber-crime

Textbook titan McGraw Hill on ransomware crew's reading list after 13.5M records exposed

Publisher claims misconfigured Salesforce-hosted page leaked data

Textbook giant McGraw Hill has landed on a ransomware crew's leak site after an alleged Salesforce-linked misconfiguration spilled 13.5 million records into the wild.

Have I Been Pwned says the breach exposed names, phone numbers, email addresses, and some physical addresses. McGraw Hill described the source as a "limited" Salesforce-hosted webpage – though the data now circulating publicly tops 100 GB and covers 13.5 million email addresses.

Most Salesforce compromises don't stem from flaws in Salesforce itself, but from stolen credentials, abused OAuth apps, or over-permissioned integrations that give attackers legitimate access to quietly pull data.

The breach surfaced earlier this week when the ShinyHunters crew added McGraw Hill to its dark web leak site alongside other victims, including Rockstar Games. The listing, seen by The Register, says the group has "over 40M Salesforce records containing PII data" and accuses the company of failing to pay a ransom before an April 14 deadline.

McGraw Hill has kept quiet on its own channels, with no mention of the incident on its website and no response to The Register's questions. In statements to other outlets, however, it claimed the activity "appears to be part of a broader issue involving a misconfiguration within Salesforce's environment that has impacted multiple organizations."

The publisher was also keen to draw a line around the damage, insisting the intrusion "did not involve unauthorized access to McGraw Hill's Salesforce accounts, customer databases, courseware, or internal systems." That may be technically accurate, though it's unlikely to be much comfort to anyone whose personal details may now be circulating online.

Salesforce did not respond to The Register's questions.

ShinyHunters has targeted Salesforce-linked environments before, including a 2025 campaign that exploited weaknesses in connected services rather than breaking into core systems directly.

For McGraw Hill – an outfit built on digital learning platforms and assessments spanning K-12 through to professional training – the irony is hard to miss. The lesson here, at least for those caught up in the mess, is that even "limited" exposure can add up fast once it escapes into the open. ®