ShellCodeX
Tools โ€ข Events โ€ข News โ€ข Insights
ShellCodeX Breach Report

Infinite Campus Data Breach

infinitecampus.com
Limited exposure
Verified breach
Accounts exposed 137,123
Breach date 18 Mar 2026
Added to tracker 15 Jun 2026
Data classes 8

What happened

In March 2026, the student information system Infinite Campus was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published data they alleged was taken from Infinite Campus, containing 137k unique email addresses along with names, phone numbers, physical addresses and support tickets. Infinite Campus subsequently sent notifications, advising that the exposed data largely consisted of "names and contact information for school staff" and that "the majority is directory information commonly found on school websites".

Exposed data

Email addresses Employers Job titles Names Phone numbers Physical addresses Support tickets Usernames

Recommended actions

  • Watch for targeted phishing emails referencing Infinite Campus โ€” attackers weaponise breach data quickly.
  • Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
  • Exposed identity data raises identity-theft risk โ€” consider credit monitoring or a credit freeze.
  • Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected? Check whether your email address appears in this breach.
Check on HIBP