Cyber Security News

Furry Hacker Breaches Scholastic – Exposes Data of 8 Million People

The education and publishing giant Scholastic has fallen victim to a significant data breach affecting approximately 8 million people.

The breach, which has been attributed to a self-proclaimed “furry” hacker going by the alias “Parasocial,” was first reported by the Daily Dot.

Scholastic is a household name and a global leader in educational materials for pre-kindergarten through grade 12 students.

It is also known for publishing iconic children’s book series such as Harry PotterThe Hunger GamesClifford the Big Red Dog, and Goosebumps.

However, this reputation has been marred by the news of the breach, which reportedly exposed a mix of names, email addresses, phone numbers, and home addresses for U.S.-based customers and educators.

Some of the compromised data even included the full names of children registered by their parents.

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free

How the Breach Unfolded

The hacker allegedly gained access to the data by stealing login credentials from a Scholastic employee who had been infected with malware.

Parasocial claimed that they infiltrated the company’s employee portal and managed to extract a vast dataset before being thwarted by an export limit on Scholastic’s servers.

The breach primarily included 4,247,768 unique email addresses, of which over 1 million belonged to “education contacts.” Teachers and administrators were reportedly among the most affected groups, as the breach included school-related information.

Data Stolen

Parasocial shared their motivation in a statement to the Daily Dot, remarking that the attack stemmed from boredom rather than financial gain.

The hacker indicated they had no intention of making the data public but issued a stern critique of Scholastic’s lax security practices. “To Scholastic; lol get pwned.

This is a lesson to be learned the hard way. … Use MFA,” Parasocial said, urging the company to implement multi-factor authentication.

Adding an unusual twist, Parasocial requested a shout-out to “the puppygirl hacker polycule,” an apparent nod to the furry community—a subculture known for its interest in anthropomorphic animal characters.

While the furry community is not typically associated with cybercrime, it has, in the past, intersected with tech-savvy groups. One of them is SiegedSec, a hacktivist collective that disbanded after carrying out similar high-profile breaches.

Scholastic’s Response

In response to the breach, Scholastic stated they are taking the matter seriously and have launched a thorough investigation.

“Scholastic takes the security of our customers’ data seriously with extensive systems and protocols, and [we] are investigating this claim thoroughly,” a company representative noted, by DailyDot.

This incident underscores the growing need for robust cybersecurity measures, particularly for organizations managing sensitive data related to children and education.

Find this News Interesting! Follow us on Google NewsLinkedIn, and X to Get Instant Updates!

Divya

Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Recent Posts

Hack The box “Ghost” Challenge Cracked – A Detailed Technical Exploit

Cybersecurity researcher "0xdf" has cracked the "Ghost" challenge on Hack The Box (HTB), a premier…

11 hours ago

Sec-Gemini v1 – Google’s New AI Model for Cybersecurity Threat Intelligence

Google has unveiled Sec-Gemini v1, an AI model designed to redefine cybersecurity operations by empowering…

11 hours ago

U.S. Secures Extradition of Rydox Cybercrime Marketplace Admins from Kosovo in Major International Operation

The United States has successfully extradited two Kosovo nationals, Ardit Kutleshi, 26, and Jetmir Kutleshi,…

16 hours ago

Ivanti Fully Patched Connect Secure RCE Vulnerability That Actively Exploited in the Wild

Ivanti has issued an urgent security advisory for CVE-2025-22457, a critical vulnerability impacting Ivanti Connect…

2 days ago

Beware! Weaponized Job Recruitment Emails Spreading BeaverTail and Tropidoor Malware

A concerning malware campaign was disclosed by the AhnLab Security Intelligence Center (ASEC), revealing how…

2 days ago

EncryptHub Ransomware Uncovered Through ChatGPT Use and OPSEC Failures

EncryptHub, a rapidly evolving cybercriminal entity, has come under intense scrutiny following revelations of operational…

2 days ago