Scholastic data breach overview:
- Who: A hacker calling themselves Parasocial breached the data of education publishing giant Scholastic earlier this month.
- Why: The hacker stole data linked to 8 million customers and education professionals, but claims they have no intention of releasing the information, instead encouraging the company to adopt better security measures.
- Where: The breach affected the data of customers and education professionals in the United States.
Education publishing giant Scholastic fell victim to a data breach this month that exposed the information of millions of people — but the perpetrator reportedly does not intend to release the data.
A hacker who identifies themselves as “Parasocial” accessed the company’s employee portal and stole data linked to 8 million individuals, reports Daily Dot.
Parasocial, who shared the stolen data with the Daily Dot, said they targeted Scholastic out of boredom and used stolen employee credentials compromised by malware.
The hacker said they have no nefarious plans, however; they simply want Scholastic to adopt better security measures.
“Don’t let your customers suffer for your security failures,” Parasocial reportedly said to the company in encouraging it to adopt multi-factor authentication, which can help protect sensitive customer information.
Data stolen included names, email addresses, home addresses
Scholastic, a leader in pre-K to grade 12 educational materials, offers resources for parents, teachers, and administrators. Its website collects information such as names, email addresses, phone numbers, and home addresses. The breach exposed a mix of these details for both U.S. customers and education professionals, although not every record included all the data.
Of the entries, around 1 million were “education contacts,” while the rest belonged to general customers. After removing duplicates, the Scholastic data breach included over 4.2 million unique email addresses.
According to the hacker, their activities were limited by an export cap on Scholastic’s servers. A screenshot provided to the Daily Dot revealed the portal’s internal sections, which manage everything from employee records to inventory and sales data.
Scholastic acknowledged the breach in a statement to the Daily Dot, noting that they are investigating the claim.
“Scholastic takes the security of our customers’ data seriously with extensive systems and protocols,” a company spokesperson said.
In 2022, Scholastic recalled more than 185,000 Shake Look Touch books as the pom poms on the book can detach, posing a choking hazard to young children.
What do you think of this Scholastic data breach? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
60 thoughts onScholastic data breach reportedly affects 8 million
Please add me to the list! I dealt with Scholastic for 12-13 years with book shows/sales for 2 elementary schools.
Ohio here.. like to file
Add me to your list
Please add me
Add me