Canvas cyberattack disrupts final exams for colleges nationwide. Here's what to know

Canvas cyberattack disrupts final exams for colleges nationwide. Here's what to know

Briefly

"Schools and universities use Canvas to manage nearly all aspects of instruction. The platform acts as a gradebook, a hub for digital lectures and course materials, a discussion board for classroom projects, and a messaging platform between students and instructors. Some courses also give quizzes and exams on the platform, or use it as a portal where final projects and papers are submitted on deadline."

"The disruption tied to a cyberattack hit in the middle of finals period for many colleges, a high-stress time when students and instructors rely heavily on the platform. By late Thursday, Instructure, the parent company of Canvas, said the platform was available again to most users. Some schools, however, have continued to block students and teachers from accessing Canvas, citing an abundance of caution while assessing security threats."

"The hacking group ShinyHunters claimed responsibility for the breach, said Luke Connolly, a threat analyst at the cybersecurity firm Emsisoft. On Friday, Instructure and Canvas no longer appeared on a site where ShinyHunters lists its targets. Earlier this week, ShinyHunters said that nearly 9,000 schools and 275 million individuals' data could be leaked if schools did not pay the ransom by a deadline of May 6. The group then extended the deadline, indicating some schools had engaged with them to negotiate."

"ShinyHunters is a loose association of teenage and young adult hackers in the U.S. and the United Kingdom who have been linked to other large-scale cyberattacks, including one on Ticketmaster, Connolly said. On the page listing their targets, the group describes itself as "rooting your systems since '19," using a term for accessing a computer system's deepest layer."