Moody Bible Institute Data Breach Exposes 2.3 Million Users’ Personal Data

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Spread the love

Moody Bible Institute has confirmed a significant data breach after threat actors linked to the ShinyHunters extortion group published personal information belonging to over 2.3 million individuals. The exposed dataset includes donors, supporters, students, and alumni associated with the institute.

In June 2026, Moody Bible Institute became the target of a ShinyHunters “pay or leak” extortion campaign, a tactic increasingly favored by financially motivated threat actors who exfiltrate data and threaten public exposure unless a ransom is paid. When negotiations failed or went unmet, the attackers followed through on their threat, publishing the stolen dataset on underground forums and leak sites.

According to HIBP, the compromised dataset contains over 2.3 million unique email addresses paired with additional personally identifiable information (PII), making this one of the larger breaches affecting a faith-based educational institution in recent memory.

In its official disclosure notice, Moody Bible Institute stated it had “engaged both internal and external cybersecurity experts to thoroughly investigate the matter,” signaling an active forensic response alongside likely regulatory and legal consultation.

Moody Bible Institute Data Breach

The exposed records reportedly include the following data types:

  • Dates of birth
  • Email addresses
  • Genders
  • Marital statuses
  • Full names
  • Phone numbers
  • Physical addresses

This combination of data points raises concerns beyond typical email-based phishing risks. The presence of dates of birth, marital status, and physical addresses creates a robust profile suitable for identity theft, social engineering, and targeted phishing campaigns, particularly against an older or more trusting demographic often associated with religious donor bases.

ShinyHunters has built a reputation for large-scale data theft operations targeting organizations across sectors, monetizing stolen data through extortion rather than immediate resale. This breach fits a familiar pattern: infiltrate, exfiltrate, demand payment, and leak upon refusal.

For affected individuals, the risk extends beyond spam. Threat actors can leverage the granular PII, particularly full names combined with dates of birth and addresses, for account takeover attempts, synthetic identity fraud, and highly personalized phishing lures referencing the victim’s donor or alumni relationship with Moody.

Individuals who may have donated to, studied at, or otherwise engaged with Moody Bible Institute should:

  • Monitor financial accounts and credit reports for unusual activity
  • Enable multi-factor authentication on email and financial accounts
  • Treat unsolicited communications referencing Moody Bible Institute with skepticism
  • Check exposure status via Have I Been Pwned

Moody Bible Institute has not yet disclosed the initial attack vector or confirmed whether law enforcement has been engaged. Cyber Security News will update this report as more details emerge from the institute’s ongoing investigation.

 Strengthen Your SOC by Accelerating Threat Detection & Rapid Investigations. -> Integrate ANY.RUN With Your SOC Now.