Instructure Confirms Canvas Portal Defacement via Security Flaw
The U.S. House Committee on Homeland Security is seeking testimony from Instructure executives regarding the massive cyberattacks on the Canvas platform by the ShinyHunters extortion group.
The U.S. House Committee on Homeland Security is escalating its response to the recent cyberattacks against the Canvas platform, operated by Instructure. The committee is now seeking testimony from company executives regarding the incidents, which were attributed to the ShinyHunters extortion group [BleepingComputer].
The attacks allowed threat actors to steal sensitive student data and caused significant disruption to schools during final exam periods. This follows previous reports where attackers exploited a security vulnerability to modify Canvas login portals and display extortion messages, prompting widespread concern among educational institutions [Instructure].
As the investigation continues, Instructure is under pressure to provide transparency regarding the scope of the data breach and the security measures in place to prevent future compromises. Educational organizations utilizing the platform are advised to monitor official communications from Instructure and review their own security configurations for any signs of unauthorized access.