Particle.news
Get it on Google Play
Download on the App Store
129 ARTICLES
·
last mo.

Canvas Cyberattack Disrupts Finals as Hacker Issues Ransom Deadline

Extortion tactics against a central classroom platform highlight the risk of vendor hacks to tens of millions of students.

A redacted screenshot of the message ShinyHunters left on the hacked login pages of Instructure's platform Canvas. (Image: TechCrunch)
Image
Image
Image

Overview

  • Canvas, which went offline Thursday for many users, locked students out of exams and course materials during finals.
  • The criminal group ShinyHunters posted ransom notes on campus login pages and set a May 12 deadline to prevent data leaks.
  • Instructure, the company behind Canvas, put the system in maintenance mode, engaged outside forensics, and said access was restored for most users by late Thursday.
  • The company said exposed data appears limited to names, email addresses, student IDs and messages, with no evidence of password, birth date or financial data theft so far.
  • Attackers claim data tied to nearly 9,000 institutions and hundreds of millions of users, a scale that remains unverified as schools and national cyber agencies assess risks and warn about phishing.