DATABREACHES [.]net reports that, in the wake of the Infinite Campus data breach, the data tranche downloaded from ShinyHunters’ leak site largely contained proprietary or client information, with no personal or sensitive employee or student data evident in most files. For purposes of the piece, only information related to students is considered, and the report notes that none of the employee data appeared to include databases with non-public personnel information.
Of particular concern was a .csv file of support requests; some tickets submitted by district staff named specific students, with those names appearing in the context of coding issues such as attendance, primary language, race, or graduation status. Two narratives contained more sensitive information and were redacted.
DataBreaches also cautioned that their search was not exhaustive, but based on keywords likely to reveal student names, and that disclosure of sensitive student information did not appear to affect many students nor to have compromised or leaked any student databases. The piece was posted on 28 March 2026.