Publishing giant Scholastic has suffered a cyberattack and lost data on millions of individuals. A hacker with the alias “Parasocial” claims to have stolen the data through an employee portal.

According to the monitoring site “Have I Been Pwned,” the data breach featured 4,247,768 individuals occurring on January 8, 22025 and includes email addresses, names, phone numbers, and physical addresses. The contacts include customers and “education contacts.”

It has been reported that Parasocial gained access by stealing login credentials from an employee throught malware. An export limit on Scholastic’s server prevented even more data being stolen. Parasocial said they had no intention in making the data public and instead criticized Scholastic for their security practices.

Scholastic said they were looking into the claim according to the Daily Dot.