Tech
Moody Bible Institute breach leaves 2.3M accounts needing salvation, says cyber expert
Security
ShinyHunters leaks names, addresses, DOBs, and more after Christian college discloses cyberattack
Data on more than 2.3 million people associated with Moody Bible Institute (MBI) has been exposed online after the Christian college was targeted by ShinyHunters.
The attack was first disclosed by MBI in June, and the extortion crew later leaked the stolen data. Have I Been Pwned has since added the cache to its breach notification database, putting a figure on the number of exposed accounts.
MBI is one of many victims of ShinyHunters’ pay-or-leak attacks in 2026, and while the organization has not explicitly commented on whether it negotiated with the criminals, the leak suggests that the group’s extortion demands were not met.
Broadly consistent with ShinyHunters’ claims, the MBI data made available for download on June 23 includes names, genders, dates of birth, physical and email addresses, phone numbers, and marital statuses.
The cache also included documents concerning donor relations, MBI’s supporters, students, and alumni.
MBI has not spoken publicly since June 22, the day before ShinyHunters leaked its files.
The organization stated that its tech team had addressed a vulnerability and brought in external cybersecurity experts to help with its incident response.
It urged those affiliated with MBI to monitor their accounts and make use of free credit freezes and fraud alerts until it had completed its investigation.
“Throughout this process, we are grateful for the Lord’s faithfulness and for the dedicated teams and outside experts working tirelessly to protect our ministry and those we serve,” said MBI.
“We are confident that God remains sovereign over every circumstance, and we trust Him to grant wisdom and discernment as we navigate this situation together.”
MBI has various operations, or “ministries.” Chief among them is its university, which offers undergraduate, graduate, and online courses for those pursuing ministry work. It also offers aviation courses with a theology component.
More than 250,000 students have studied at MBI since it was first established in 1886.
It also runs Moody Radio, a Christian radio network/station, and a publishing arm devoted to Christian literature.
ShinyHunters’ leak site lists 86 victims since January, although the number for the year is likely higher, since those who paid extortion fees would be removed from the list of breached organizations.
The group has been linked to high-profile attacks involving Salesforce, Carnival, and Pitney Bowes.
The gang has also claimed that a Oracle PeopleSoft campaign affected more than 100 organizations, and cited a PeopleSoft breach in the details about its attack on MBI.
National security alerts were issued about ShinyHunters earlier in the year following its attack on learning platform Canvas, which compromised the data of an estimated 275 million students. ®
You must be logged in to post a comment Login