Canvas Breach Disrupts Schools & Colleges Nationwide

A widespread cyberattack targeting the education technology platform Canvas disrupted classes and coursework across numerous U.S. school districts and universities. The cybercrime group ShinyHunters defaced Canvas’s login page with a ransom demand threatening to leak data from 275 million students and faculty members spanning nearly 9,000 educational institutions. The attack followed an earlier data breach disclosed by Canvas’s parent company, Instructure, which confirmed that certain user information, including names, email addresses, student ID numbers, and private messages, had been compromised. Instructure acknowledged the breach and stated that no sensitive data such as passwords, dates of birth, government identifiers, or financial information appeared to have been accessed. Although the company initially reported that the incident was contained and Canvas was fully operational, the ransom message appeared on the login page shortly afterward, causing widespread disruption. The extortion group demanded ransom payments from individual schools to prevent the public release of stolen data, complicating the response efforts and raising concerns about the security of educational data. The timing of the attack has intensified its impact, as many affected institutions are in the midst of final exams, making the outage particularly damaging for students and faculty relying on Canvas for coursework and communication. Instructure has indicated that the platform is undergoing scheduled maintenance and promised updates as they work to restore full service. Meanwhile, the breach underscores growing vulnerabilities in education technology systems, which have become critical infrastructure for remote and hybrid learning environments. This incident highlights the escalating threat posed by cybercriminals targeting education sectors, where vast amounts of personal data are stored and where disruptions can have significant academic and operational consequences. The attack also raises questions about the adequacy of current cybersecurity measures in educational institutions and the responsibilities of platform providers to safeguard sensitive information amid increasing digital reliance.