ShinyHunters has added four U.S. educational institutions to its extortion site, alleging the theft of student, employee, admissions, financial aid, payroll, and immigration-related records while issuing a June 18, 2026 deadline for the organizations to respond.
The newly listed organizations are Houston Community College, Glendale Community College, Illinois Central College, and Moody Bible Institute. The claims have not been independently verified, and BreachNews has not confirmed that any of the organizations experienced a data breach.
The listings appear amid an ongoing series of ShinyHunters claims targeting educational institutions, including the recently disclosed University of Nottingham incident, as well as the group’s broader extortion campaign affecting organizations across multiple sectors.
Student and admissions systems allegedly exposed
According to the leak site listings, Glendale Community College allegedly lost more than 62 GB of data spanning admissions, financial aid, enrollment, and PeopleSoft Campus Solutions environments.
The group claims the dataset includes more than 150,000 student records containing names, dates of birth, student email addresses, enrollment files, immunization compliance logs, admissions reports, transcript PDFs, and financial aid exports dating from 2020 through 2026.
Houston Community College is described as one of the largest alleged education-sector victims in the latest wave. The listing claims hundreds of thousands of student records were compromised, including enrollment information, GPA data, contact information, financial aid records, and international student documentation.
The post further alleges the exposure of passport records, visa applications, bank statements, immigration affidavits, SEVIS-related documentation, and thousands of immunization and health records.
Payroll and employee data reportedly included
Illinois Central College allegedly suffered exposure of more than 28 GB of data across PeopleSoft Campus Solutions, Human Resources, Workday, and pension-related systems.
The listing claims the data includes employee payslips, payroll exports, direct deposit information, student aid records, enrollment files, and pension reporting documents. ShinyHunters further alleges that some records contain Social Security numbers and banking information.
At Moody Bible Institute, the group claims to have obtained more than 23 GB of information spanning enrollment, donor relations, admissions, payroll, and communications systems.
According to the listing, the purported dataset contains millions of communications records, donor information, admissions outreach files, employee payroll data, student housing assignments, and demographic records.
PeopleSoft appears across multiple listings
Three of the four newly listed institutions are specifically described as operating Oracle PeopleSoft environments, a notable detail as organizations continue investigating exploitation activity tied to recently disclosed PeopleSoft vulnerabilities.
While ShinyHunters has not publicly explained how access was allegedly obtained, the repeated appearance of PeopleSoft-related systems across multiple education-sector listings may attract additional scrutiny from defenders and incident responders.
The claims also arrive days after reports linking active exploitation of Oracle PeopleSoft environments to ongoing intrusion activity targeting universities and other organizations.
June 18 deadlines issued
Each of the four institutions has been assigned a June 18 deadline on the group’s leak site. The listings contain descriptions of the allegedly compromised datasets but do not include publicly downloadable archives at the time of publication.
The latest education-sector additions follow a broader ShinyHunters campaign that recently expanded to include major corporate and government-related targets. Earlier this week, the group added multiple organizations to its extortion site and issued similar pay-or-leak warnings as part of what appears to be an accelerating victim publication cycle.
Readers can review BreachNews coverage of the group’s latest activity in our report on ShinyHunters’ recent victim disclosures and extortion deadlines.
Houston Community College, Glendale Community College, Illinois Central College, and Moody Bible Institute had not issued any public statement regarding the claims at time of publication.
