Listen to the article
Educational institutions across the United States are gradually recovering from a significant cyberattack that crippled Canvas, a widely used online learning management system. The disruption, occurring during the critical finals period for many colleges, left students and faculty without access to essential academic resources including exams, course materials, lecture videos, and grade records.
By Thursday evening, Instructure, Canvas’s parent company, announced the platform had been restored for most users, though some institutions continue to restrict access as they evaluate potential security risks.
Cybersecurity firm Emsisoft confirmed that hacking group ShinyHunters claimed responsibility for the breach. The group, which previously appeared on a site listing its targets, was no longer displaying Instructure and Canvas on that list as of Friday.
Canvas serves as the digital backbone for thousands of schools and universities, functioning as a comprehensive educational hub. The platform manages virtually all aspects of modern instruction, from hosting digital lectures and course materials to facilitating classroom discussions, administering exams, and enabling communication between students and instructors. For many courses, Canvas also serves as the primary portal for submitting final projects and papers under strict deadlines.
According to cybersecurity expert Luke Connolly, ShinyHunters consists of teenage and young adult hackers operating primarily from the United States and United Kingdom. The group has been linked to several high-profile cyberattacks, including one targeting Ticketmaster. ShinyHunters describes itself as “rooting your systems since ’19,” referring to its practice of accessing a computer system’s deepest layer.
Earlier in the week, the group threatened to leak data from nearly 9,000 schools affecting approximately 275 million individuals if ransom demands weren’t met by May 6. The hackers later extended this deadline, suggesting some institutions had entered negotiations. The group has since declined to comment further on the incident.
Educational institutions have become increasingly attractive targets for cybercriminals due to the vast amounts of personally identifiable information they store on students, faculty, and staff. Recent years have seen attacks on individual districts like Minneapolis Public Schools and Los Angeles Unified School District, as well as vendor platforms such as Canvas and PowerSchool that have become integral to modern educational operations.
The service disruption’s impact on academic schedules has been substantial. The University of Massachusetts at Dartmouth postponed exams scheduled for Friday and Saturday to ensure students could access course materials that were unavailable during the outage. Similarly, the University of Illinois rescheduled all weekend examinations for all classes, regardless of whether they utilized Canvas. Montgomery County Public Schools in Maryland continued limiting Canvas access on Friday “while we work to better understand the full impact of the incident and any potential vulnerabilities.”
Regarding data security, Instructure’s chief information security officer Steve Proud stated that the breach appeared to involve student ID numbers, email addresses, names, and messages on the Canvas platform. The company has not found evidence that passwords, birth dates, government identification, or financial information were compromised.
Despite Canvas’s return to operation, cybersecurity experts urge affected students and educators to remain vigilant. There’s concern that additional malicious actors might exploit the situation through phishing attacks, potentially impersonating school districts to obtain sensitive information or credentials.
“Be very suspicious of any inbound messages,” advises Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, particularly those requesting urgent action.
Security experts emphasize that this incident highlights the importance of good “cyber hygiene” practices, including creating strong passwords, enabling multifactor authentication, and monitoring accounts for suspicious activity. The Federal Trade Commission notes that major credit bureaus offer free credit freezes and fraud alerts to help protect consumers from identity theft following such breaches.
The Canvas incident represents the latest in a troubling trend of cyberattacks targeting educational infrastructure, underscoring the growing security challenges faced by institutions increasingly dependent on digital platforms for their core academic functions.
Fact Checker
Verify the accuracy of this article using The Disinformation Commission analysis and real-time sources.
9 Comments
I hope Instructure and the affected schools can quickly resolve any lingering security issues and restore full functionality of Canvas. Students shouldn’t have to worry about technology failures during finals.
Cyberattacks on educational platforms are becoming increasingly common. Canvas serves as a vital hub for many institutions, so this outage must have caused major headaches for both students and faculty trying to access course materials and assessments.
Agreed. Educational institutions need to invest more in cybersecurity to protect their core digital infrastructure and ensure uninterrupted access, especially during high-stakes exam periods.
This is a concerning incident for students and faculty who rely on Canvas for their academic work. Cybersecurity threats can significantly disrupt education, and institutions need robust contingency plans to mitigate such outages during critical exam periods.
The Canvas outage during finals is a frustrating situation for students. I hope the affected institutions can quickly restore access to essential academic resources and minimize the impact on students’ end-of-semester assessments.
This Canvas outage is a major inconvenience for students trying to complete their final exams and projects. I hope the affected institutions can get the platform fully operational again soon to minimize further academic disruptions.
Cyberattacks like this highlight the vulnerability of our educational systems to digital disruptions. Schools must prioritize strengthening their cybersecurity measures to safeguard the learning experience for students.
Responsible cybersecurity practices are essential for educational institutions that rely heavily on digital platforms like Canvas. This incident demonstrates the need for robust backup and recovery plans to maintain continuity of services.
Absolutely. Schools must invest in comprehensive cybersecurity frameworks to protect their critical systems and data from malicious actors. The education sector is a prime target for cyberattacks.