Instructure Canvas Cyberattack Exposes 275M Records Across US Schools, Including HBCUs – AfroTech



Instructure Inc., the parent company behind academic portal Canvas, is facing scrutiny following a cyberattack claimed by prominent hacker group ShinyHunters that disrupted schools and universities across the United States during final exams, including several Historically Black Colleges and Universities.

According to Instructure’s incident response webpage, the first breach occurred on April 29, 2026, followed by a second incident on May 7, when unauthorized activity reportedly resulted in changes to Canvas pages. In response, Instructure temporarily shut down affected services, locking students and instructors out.

“The unauthorized actor made changes to the pages that appeared when some students and teachers were logged in through Canvas. Out of caution, we temporarily took Canvas offline into maintenance mode to contain the activity, investigate, and apply additional safeguards,” Instructure said. “Due to monitoring that we implemented after the first attack, we detected and disabled the second attack approximately 10 minutes after it began. No additional data was accessed or exfiltrated in this second attack, but we chose to put Canvas into maintenance mode until we could verify both the scope of the attack and that the attackers’ access was fully closed.”

Inside The Canvas Data Breach

The company said the attack targeted Canvas through its Free-for-Teacher accounts, resulting in data theft and unauthorized page alterations. Instructure has since disabled the impacted product while it continues its investigation.

“We know that many educators rely on Free-For-Teacher, and so we are also working on solutions that will allow us to bring it back online without exposing the rest of the Canvas community to undue risk,” they added.

ShinyHunters claimed to have approximately 275 million records belonging to students, teachers, and staff and threatened to leak the data unless Instructure paid them, reports The Hacker News.

According to Instructure, the compromised data included email addresses and student ID numbers. However, there is currently no indication that ShinyHunters accessed sensitive information such as Social Security numbers, birth dates, or passwords.

On Monday, May 11, Instructure shared via its incident response page that it had reached an agreement with the attackers to have the stolen information returned and destroyed.

“We continue to work with expert vendors to support our forensic analysis, further harden our environment, and conduct a comprehensive review of the data involved,” the company wrote. “As our investigation draws closer to a conclusion, we also intend to share additional details about the root cause and lessons learned, with the goal of helping the broader education technology community better understand and defend against similar threats.”

As of Friday, May 15, 2026, Instructure said its platform is fully operational and available for use.

“Rebuilding trust takes time,” Steve Daly, CEO of Instructure, wrote on the company’s incident website. “We’re going to earn it back through consistent action and honest communication. We’re in this for you and your community.”

Steps To Prevent Cyberattacks

Cyberattacks are becoming harder to manage as schools increasingly rely on digital tools, while cybercriminals grow more sophisticated, driven in part by advances like AI.

The Cybersecurity & Infrastructure Security Agency (CISA) warns of a potential increase in large-scale, high-impact incidents that could disrupt essential services and affect both the economy and everyday life across the U.S.

Cybersecurity professionals recommend basic protective measures to reduce risk, including using strong passwords, regularly updating software, avoiding suspicious links, and enabling multi-factor authentication, per the agency. Guidance from the nation’s cyber defense authorities applies to both individuals and organizations. Experts also stress that tailored cybersecurity strategies are essential for government agencies and private entities to safeguard operations and maintain continuity.

“Every mitigated risk or prevented attack strengthens the cybersecurity of the nation,” CISA adds.
