Moody Bible Institute Data Breach Exposes Names, Emails and Dates of Birth

Non-profit data breach illustration
Breach Discovery: 15th June 2026Breach Notification: Not Publicly Disclosed

What Happened in the Moody Bible Institute Data Breach?

Moody Bible Institute recently confirmed a data breach after a group calling itself ShinyHunters targeted the institution in a “pay or leak” extortion campaign. Unlike traditional ransomware attacks, this method involves attackers stealing data and threatening to publish it unless a ransom is paid. In this case, the attackers followed through on their threat and released the stolen information publicly.

According to Moody’s disclosure, the intrusion was identified in June 2026. As a result, the organization moved quickly to assess the scope of the incident. Because the attackers had already published the data, the exposure became apparent once the stolen files appeared online, containing personal details tied to donors, students, alumni and supporters of the institute.

In response, Moody Bible Institute stated that it engaged both internal and external cybersecurity experts to investigate the incident thoroughly. This kind of forensic response is standard practice after a confirmed breach. It helps organizations determine how attackers gained access, what data was taken, and what steps are needed to prevent future intrusions.

Although the exact method of initial access has not been publicly detailed, the ShinyHunters group has been linked to numerous extortion-based attacks against organizations that store large volumes of personal data. Consequently, this breach fits a pattern seen across many similar incidents in recent years, where attackers prioritize data theft over system disruption.

Who was affected?

The Moody Bible Institute data breach affected a wide range of individuals connected to the organization. This includes donors, financial supporters, current and former students, and alumni. Because Moody Bible Institute has served students and supporters for many years, the affected population likely spans multiple generations.

Moody confirmed that over 2.3 million unique email addresses were included in the leaked data. However, the total number of affected individuals could be higher once duplicate records and associated personal details are accounted for. In addition, because the breach involves donor and alumni records, the exposure may extend to individuals who have had no direct interaction with the institute in years.

At this time, it hasn’t been publicly disclosed whether the breach specifically affected minors. Given that dates of birth were part of the leaked data, it remains an important area of concern. Affected individuals span a broad geographic range, since religious education institutions often draw support from across the country.

What Information Was Potentially Exposed?

The data published by the attackers included several categories of personal information. This information could be used by malicious actors for identity theft, targeted phishing or other fraudulent activity.

  • Full names
  • Email addresses
  • Physical addresses
  • Phone numbers
  • Dates of birth
  • Genders
  • Marital statuses

Although this breach did not appear to include Social Security numbers or financial account details, the exposed data is still valuable to cybercriminals. For example, names combined with dates of birth and addresses can help attackers build convincing profiles for identity theft or fraud schemes. This kind of information is often used to answer security questions or verify identity with financial institutions.

In addition, because email addresses and phone numbers were exposed, affected individuals face a heightened risk of phishing and smishing attempts. Attackers frequently use leaked personal details to craft messages that appear legitimate. As a result, victims may be more likely to click malicious links or share additional sensitive information without realizing they are being targeted.

What is the company doing?

Moody Bible Institute responded to the breach by launching an investigation involving both internal staff and external cybersecurity specialists. This step is designed to determine the scope of the intrusion and identify any vulnerabilities that allowed the attackers to access their systems.

Because the attackers already leaked the stolen data publicly, Moody’s immediate priority has shifted toward transparency and remediation. The institute issued a public disclosure notice acknowledging the incident and outlining the categories of information involved. Moving forward, affected individuals should watch for any additional updates as the investigation continues, including guidance on protective measures if new information becomes available.

What Should Affected Individuals Do?

Monitor Your Credit Reports

Affected individuals should regularly check their credit reports for unfamiliar accounts or inquiries. Even though financial account numbers were not confirmed as exposed, personal details like names and dates of birth can still be misused to open new credit lines.

You can request free credit reports from the three major credit bureaus. Reviewing these reports every few months makes it easier to catch suspicious activity early. If you notice anything unusual, report it immediately to the credit bureau and consider placing a fraud alert on your file.

Stay Alert for Phishing Attempts

Because email addresses and phone numbers were exposed, affected individuals should be cautious about unexpected messages. Scammers often use stolen contact information to send convincing phishing emails or text messages that appear to come from trusted organizations.

Avoid clicking on links or downloading attachments from unfamiliar senders. Instead, verify any suspicious communication by contacting the organization directly through official channels. This simple habit can prevent many common phishing scams from succeeding.

Consider a Fraud Alert or Credit Freeze

Given that personal identifying details were exposed, placing a fraud alert or credit freeze can add an extra layer of protection. A fraud alert requires creditors to verify your identity before opening new accounts in your name.

A credit freeze goes a step further by restricting access to your credit file entirely. While this may require extra steps when applying for credit yourself, it significantly reduces the risk of someone else opening accounts using your information.

Protect Your Personal Information Going Forward

Affected individuals should also review their online accounts for reused passwords or outdated security settings. Because personal details like birth dates and marital status were exposed, attackers may attempt to guess security question answers on other accounts.

Updating passwords and enabling two-factor authentication wherever possible can help reduce this risk. In addition, consider reviewing privacy settings on social media accounts, since combined data points can make it easier for scammers to impersonate you convincingly.

Consult a Data Breach Attorney

If you were affected by this breach, it may be worth speaking with a data breach attorney to understand your legal options. Many attorneys offer free consultations to evaluate whether you qualify for compensation.

Because large-scale data breaches often lead to class action lawsuits, staying informed about your rights is important. An attorney can help clarify deadlines, potential compensation, and the steps needed to protect your interests moving forward.



Related Data Breaches