Canvas Breach Disrupts Schools & Colleges Nationwide – Krebs on Security

The cybercrime group ShinyHunters has launched a major data extortion attack against Instructure's Canvas platform, disrupting classes and coursework at thousands of schools and universities across the US during final exam season. ShinyHunters defaced Canvas login pages with a ransom demand threatening to leak data from 275 million students and faculty across nearly 9,000 institutions, forcing Instructure to take the platform offline. Security researchers say this is at least the third breach of Instructure by ShinyHunters in eight months, and that Instructure's May 2 claim of containment was false. The stolen data reportedly includes names, email addresses, student IDs, and potentially billions of private messages. ShinyHunters, known for voice phishing and social engineering attacks, is simultaneously running multiple extortion campaigns against other high-profile organizations including ADT, Medtronic, and Rockstar Games.