Perhaps it is time to return to the Blue Book.
Instructure, the company behind the Canvas learning platform, has confirmed a major data breach linked to the hacking group ShinyHunters, exposing personal data from millions of students, teachers, and staff atCanvas, a platform used by over 8,000 universities and K-12 schools for course websites, assignments and communication, shut down for several hours on Thursday.
A hacking group claimed responsibility for a data breach affecting the company that owns the platform, jeopardizing the personal data of millions of students and teachers. Instructure, which provides Canvas to about half of all colleges and universities in North America, said late Thursday in an alert posted on its website that the software was available for most users. But the company added that two separate services, Canvas Beta and Canvas Test, remained in maintenance mode.
Several prominent universities, including the University of Michigan and Harvard, alerted students earlier on Thursday that Canvas was unavailable. Across the country, students have been preparing for, or are already taking, their final exams. Instructure, which did not immediately respond to a request for comment, said earlier that it was investigating why the software was unavailable. So this has been happening so far all morning.
My uni boys couldn’t submit assignments or log into Canvas today due to worldwide hack of their accounts. Basically all their personal data information passport student ID,The hack was discovered when a University of Washington student tried to log in to Canvas and was greeted by a message from the hacking group ShinyHunters, which claimed to have “breached” the The note, reported by different student news outlets, demanded ransoms to prevent data leaks from the platform.
A student at the University of Pennsylvania said he was logged out of his Canvas account while studying for finals. Professors had to scramble to send class materials in other ways, the student said. Universities across the country, including Columbia University, Rutgers, Princeton, Kent State, Harvard and Georgetown issued statements alerting students to the hack impacting institutions nationwide. School districts in California, Florida, Georgia, Oklahoma, Oregon, Nevada, North Carolina, Tennessee, Utah, Virginia, Texas and Wisconsin also reported being affected.
ShinyHunters is a notorious black-hat cybercriminal hacking and extortion group that first emerged around 2019-2020 and has been responsible for hundreds of major data breaches affecting millions of users worldwide. The group operates primarily for financial gain, using a “pay or leak” extortion model: they demand ransom from breached organizations and release stolen data on dark web forums if payment is refused.
The group operates under the leadership of a persona known as ShinyCorp – also referred to as sp1d3rhunters or shinyc0rp across Telegram channels. Google’s Threat Intelligence Group tracks ShinyHunters-attributed activity under multiple threat clusters: UNC6040, UNC6240, and UNC6661, which allows researchers to differentiate between specific campaigns and operational roles within the broader organization. ShinyHunters has not operated without consequence.
In May 2022, Sébastien Raoult – a French programmer tied to the group – was arrested in Morocco and extradited to the United States. In January 2024, he was sentenced to three years in prison and ordered to return five million dollars. In June 2025, French authorities arrested four additional suspected members linked to BreachForums administration. Arrests have slowed the group temporarily, but have not stopped them.
Operations continued through and after each law enforcement action. I will simply note that this hack occurred during finals week for many schools. I may be revealing a bit too much about my age, but perhaps it is time to go back to The Blue Book for exams.
The attack exposes a vulnerability that goes far beyond Instructure’s server architecture: American education, from K-12 to the Ivy League, has become dangerously consolidated onto a handful of corporate platforms, leaving millions of students and their personal data hostage to the security practices of vendors. Though ShinyHunters has already felt the sting of law enforcement and is a known hacking group, history shows that arrests merely slow them; they don’t stop them.
Perhaps the real lesson here isn’t about cybersecurity at all; it’s about the hubris of an educational establishment that digitized everything and contingency-planned nothing. One of DW’s ranching buddies is the principal of a school for at-risk teens. His school got hit with a ransomware attack several days ago . They can’t even get into their own systems and are struggling over what to do.
Cyberwar Education Google Higher Education United States
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Regina German Club fundraising for major repairs following roof leakThe German Club is on a fundraising campaign to help complete a major repair on the roof of their longtime club house.
Read more »
B.C. nurse's identity stolen in CRA hack, but impostor remains unchargedA B.C. nurse whose identity was stolen after her Canada Revenue Agency account was hacked says the CRA seems uninterested in pursuing the impostor who received a bogus refund in her name. The impostor may be known to authorities in Alberta, but no charges have been filed in this case.
Read more »
Uncertainty for summer students after cyberattackStudents taking summer classes at the University of British Columbia are facing uncertainty due to the Instructure cybersecurity breach.
Read more »
UFC President Confirms McGregor Fight This SummerThe Executive Vice President and UFC President and CEO, Dana White, confirmed that Conor McGregor will return to the Octagon in the summer.
Read more »