Canvas went down after its parent company, Instructure, recently confirmed a major data breach affecting student names, email addresses, ID numbers, and messages.
On Thursday, students trying to access the learning management platform were shown a ransom-style message that appeared to come from the hacking group ShinyHunters.
In the message, ShinyHunters claimed it had breached Instructure again and accused the company of ignoring its attempts to resolve the issue. The group warned that schools on its affected list should contact a cyber advisory firm and negotiate privately to prevent their data from being released. The hackers set a deadline of May 12, 2026, before the data would allegedly be leaked.
The message also included a link to a list of schools that ShinyHunters claims were breached through Canvas. Instructure later said on its status page that Canvas, Canvas Beta, and Canvas Test had been placed in maintenance mode. The company said it expected the services to return soon and would share updates as they became available.
Last week, Instructure said it had deployed security patches after the breach to strengthen its systems. ShinyHunters, which has previously claimed responsibility for attacks involving Ticketmaster, AT&T, Rockstar Games, ADT, and Vercel, reportedly says its data leak site includes 9,000 schools and data tied to 275 million students, teachers, and staff.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
