What is the story about?
The Canvas learning management system, widely used by thousands of educational institutions, resumed service on Friday after experiencing an outage caused
by a cyberattack that disrupted students' preparation for final exams. The hacking group known as ShinyHunters claimed responsibility for the breach, according to Luke Connolly, a threat analyst at the cybersecurity firm Emisoft. Instructure, the company that operates Canvas, announced that the system was available for most users in an update released late Thursday.
Impact of the Cyberattack
Canvas serves as a vital platform for managing grades, course materials, assignments, and lecture videos. The hacking group reported that nearly 9,000 schools globally were affected, with billions of private messages and other sensitive records potentially accessed, as noted by Connolly.Screenshots shared by Connolly indicated that the group began threatening to leak the stolen data starting Sunday. By Friday, both Instructure and Canvas had been removed from a leak site created by the ransomware group on the dark web.
Student and Faculty Reactions
The outage occurred at a critical time, leading students to express their concerns on social media as they struggled to access course materials needed for final exam preparation. Faculty members were compelled to devise alternative methods to assist students in completing their final assignments.Some institutions, including the University of Texas at San Antonio, announced postponements for finals originally scheduled for Friday due to the system's unavailability. In contrast, Princeton University communicated via X late Thursday that Canvas appeared to be operational again, with its IT staff closely monitoring the situation.
Cybersecurity Concerns
Schools, rich in digital data, have become prime targets for cybercriminals who are increasingly exploiting sensitive information that was once securely stored in physical formats. Previous attacks have targeted major districts, such as Minneapolis Public Schools and the Los Angeles Unified School District.Instructure has not publicly addressed the attack on its social media platforms and did not respond to inquiries from The Associated Press regarding whether a ransom was paid or the status of the compromised data.
Background on ShinyHunters
Connolly described ShinyHunters as a loosely organized group of young adults based in the United States and the United Kingdom. The group has been linked to other cyberattacks, including one targeting Live Nation’s Ticketmaster subsidiary.This incident bears resemblance to a previous breach involving PowerSchool, which also offers educational management tools, leading to legal charges against a student in Massachusetts.
