Moody Bible Institute Investigates Alleged Data Breach by ShinyHunters
Moody Bible Institute (MBI), a private evangelical Christian institution based in Chicago, is investigating claims that its systems were compromised after appearing on a dark web extortion site operated by the ShinyHunters threat group. The cybercriminal collective alleges it stole over 23 GB of sensitive data, including approximately 1,300 files and "tens of millions of records" from MBI’s systems.
In a statement to CyberInsider, MBI confirmed awareness of the breach claim and has engaged cybersecurity experts to assess its validity and potential impact. The institution has not yet verified the threat actor’s claims, which remain unconfirmed at this stage.
According to ShinyHunters’ dark web posting, the stolen data allegedly spans multiple institutional platforms, including enrollment, donor relations, payroll, and communications systems. The group claims the dataset includes:
- 46 million communication records
- 2.2 million enrollment lead records
- 108,000+ biographical records containing personal details such as addresses and birth dates
The threat actor specifically referenced data from systems like MBI’s EDC, Salesforce leads, PeopleSoft communications, Horizon SIS, WHPD donor databases, and Cadence admissions platforms.
ShinyHunters, known for high-profile data theft and extortion campaigns, has previously targeted organizations by leaking stolen data to pressure victims into paying ransoms. MBI, founded in 1886, serves students, alumni, donors, and ministry partners across the U.S. and internationally through its college, seminary, and publishing operations.
The investigation is ongoing, with further updates expected as cybersecurity specialists determine the scope and authenticity of the breach.
Source: https://cyberinsider.com/moody-bible-institute-investigates-potential-data-breach-incident/
Moody Bible Institute TPRM report: https://www.rankiteo.com/company/moody-bible-institute
"id": "moo1781786358",
"linkid": "moody-bible-institute",
"type": "Breach",
"date": "6/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Students, alumni, donors, and '
'ministry partners',
'industry': 'Education',
'location': 'Chicago, USA',
'name': 'Moody Bible Institute',
'type': 'Educational Institution'}],
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 'Tens of millions (46 million '
'communication records, 2.2 '
'million enrollment lead '
'records, 108,000+ biographical '
'records)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (personal details such as '
'addresses and birth dates)',
'type_of_data_compromised': ['Communication records',
'Enrollment lead records',
'Biographical records']},
'description': 'Moody Bible Institute (MBI) is investigating claims that its '
'systems were compromised after appearing on a dark web '
'extortion site operated by the ShinyHunters threat group. The '
'cybercriminal collective alleges it stole over 23 GB of '
"sensitive data, including approximately 1,300 files and 'tens "
"of millions of records' from MBI’s systems.",
'impact': {'data_compromised': 'Over 23 GB of sensitive data, including 1,300 '
'files and tens of millions of records',
'identity_theft_risk': 'High',
'systems_affected': ['Enrollment systems',
'Donor relations systems',
'Payroll systems',
'Communications systems']},
'initial_access_broker': {'data_sold_on_dark_web': 'Alleged'},
'investigation_status': 'Ongoing',
'motivation': 'Extortion',
'ransomware': {'data_exfiltration': 'Yes'},
'references': [{'source': 'CyberInsider'}],
'response': {'communication_strategy': 'Statement to CyberInsider',
'incident_response_plan_activated': 'Engaged cybersecurity '
'experts to assess validity '
'and impact',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'ShinyHunters',
'title': 'Moody Bible Institute Alleged Data Breach by ShinyHunters',
'type': 'Data Breach'}