CRIME & LAW

United States firm settles with hackers after education megabreach

▪

Read, Watch or Listen

United States firm settles with hackers after education megabreach

Media Bias Meter

Sources: 2

Center 100%

Sources: 2

U.S.-based educational technology firm Instructure has confirmed it struck a formal agreement with the cybercrime group ShinyHunters after a massive breach of its Canvas learning management system. Detected in early May 2026, the incident exposed 3.65 terabytes of data tied to about 275 million users at 8,809 universities and K–12 institutions worldwide. On May 7, attackers defaced the Canvas login page with a ransomware note during final exams at several U.S. universities. Instructure says passwords, birth dates, and financial details were not taken but acknowledges theft of private messages, names, student IDs, and emails. Schools are now auditing local systems.

Prepared by Emily Rhodes and reviewed by editorial team.

Timeline of Events

Early May 2026 Instructure detects unauthorized Canvas access
May 7 2026 ShinyHunters deface Canvas login page
May 7 2026 Ransomware note disrupts university exams
Early May 2026 Attackers exfiltrate 3.65 terabytes data
Early May 2026 Records of 275 million users compromised
Early May 2026 Free-For-Teacher accounts exploited initially
May 11 2026 Instructure issues public apology statement
Mid May 2026 Company announces settlement, data destruction

Why This Matters to You

This breach affects millions of students and educators. If you or your family use Canvas, your private messages, names, student IDs, and emails might be exposed. Check your account for unusual activity. Change your password and review your privacy settings.

The Bottom Line

Instructure's settlement with ShinyHunters doesn't undo the breach. It's a stark reminder of the importance of cybersecurity in our digital age. Protect your personal information vigilantly. Worth forwarding if you know someone in the education sector.