Instructure, the company behind the Canvas learning management system, has disclosed a cybersecurity incident involving a criminal threat actor. The company is investigating with outside forensics experts and has taken some services offline, including Canvas Data 2 and Canvas Beta. No details have been shared about the nature or scope of the breach. This follows a separate September 2025 breach via social engineering that exposed Salesforce data, claimed by ShinyHunters. Education technology firms are increasingly targeted due to the large volumes of student and teacher personal data they hold.
Sort: