
"ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some 'security patches,' read a message multiple Canvas users received when they tried to log in to the platform on Thursday. If any schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at TOX to negotiate a settlement. You have till the end of the day by 12 May 2026 before everything is leaked. Instructure still has until EOD 12 May 2026 to contact us."
"The group had previously given Instructure until Wednesday to pay a ransom, threatening to leak all the data if the company didn't pay by the deadline. But according to ShinyHunters, which is also linked to recent data breaches at the University of Pennsylvania and Princeton and Harvard Universities, Instructure didn't respond to those demands in time. Instead, the company said earlier this week that it had addressed the breach by deploying security measures, including revoking privileged credentials and access tokens associated with affected systems; deploying patches to enhance system security; rotating certain keys, even though there is no evidence they were misused; and implementing increased monitoring across all platforms."
"Instructure posted Wednesday that 'Canvas is fully operational, and we are not seeing any ongoing unauthorized activity.' But by Thursday afternoon, Instructure acknowledged there was trouble. Students and faculty who use Canvas for course delivery reported receiving a message from the criminal extortion group ShinyHunters, which earlier this week claimed to have compromised the personal identifying information of 275 million people across 9,000 institutions, including students, teachers and staff."
ShinyHunters sent messages to students and faculty using Instructure Canvas, claiming it had breached the platform again. The messages told schools on the affected list to consult a cyber advisory firm and contact the group privately to negotiate a settlement if they wanted to prevent the release of their data. The stated deadline, for the schools and for Instructure alike, was the end of the day on 12 May 2026. Earlier, ShinyHunters had threatened to leak the data if a ransom was not paid by Wednesday. Instructure had said it addressed the breach by revoking privileged credentials and access tokens, deploying security patches, rotating certain keys, and increasing monitoring. On Wednesday, Instructure reported that Canvas was fully operational with no ongoing unauthorized activity, but by Thursday afternoon it acknowledged there was trouble.
Read at Inside Higher Ed | Higher Education News, Events and Jobs