Canvas Learning System Restored After Cyberattack Disruption
Instructure has confirmed that the Canvas learning platform was hit by two rounds of unauthorized activity, as the ShinyHunters extortion group threatens to leak data from millions of students and staff.
Instructure has officially confirmed that its Canvas online learning platform suffered two distinct rounds of unauthorized activity within a two-week period. The incident caused significant disruption, forcing the platform offline last Thursday and leaving thousands of schools, colleges, and universities without access to essential course materials and grades during critical final exam and testing periods [The Register].
The data-extortion group known as ShinyHunters has claimed responsibility for the breach, threatening to leak a massive database they allege contains the personal information of over 275 million students, teachers, and staff members across nearly 9,000 institutions worldwide. The scale of the potential exposure has raised alarms regarding the security of sensitive educational data stored within the platform [The Register].
Instructure reports that the Canvas platform is now fully back online and available to users. The company is continuing to investigate the extent of the unauthorized access and the validity of the data theft claims made by the extortionists. Users are advised to monitor official communications from their respective educational institutions for further guidance on potential data exposure.