The online education platform Canvas went offline after a data breach on Thursday, leaving millions of students and faculty at thousands of U.S. colleges and K-12 schools without access to course materials during finals week.
Key Takeaways
The online education platform Canvas experienced a significant data breach, causing widespread disruptions for millions of users across thousands of U.S. colleges and K-12 schools during final exams. The hacker group ShinyHunters claimed responsibility, threatening to release sensitive data unless affected institutions negotiated settlements by May 12, 2026.
- Canvas went offline after a data breach on Thursday, affecting 30 million users at half of North American higher education institutions.
- Hackers threatened to leak student and teacher data from nearly 9,000 schools worldwide unless negotiations were conducted through the encrypted chat platform Tox.
- Instructure confirmed that the breach involved identifying information but no passwords or financial details. The company has temporarily shut down its Free-for-Teacher accounts.
- Several universities postponed or canceled final exams due to the disruption, with some institutions advising users to stay vigilant against phishing attempts.
According to NPR, the hacker group ShinyHunters claimed responsibility for the breach, which affected 30 million users, including those at half of North American higher education institutions. The group threatened to release sensitive data from nearly 9,000 schools worldwide unless affected institutions negotiated settlements by May 12, 2026.
Instructure, Canvas's parent company, confirmed the breach but stated that only identifying information like names and email addresses was compromised. The company has temporarily shut down its Free-for-Teacher accounts as a precautionary measure. As reported by The Los Angeles Times, several universities across California and other states postponed or canceled final exams due to the disruption.
Many institutions advised users to be vigilant against phishing attempts, with some schools taking additional measures such as disabling Canvas access until they were confident in the system's security. The breach has highlighted the vulnerability of relying on a single centralized platform for academic operations and raised concerns about data privacy and cybersecurity in educational settings.
How this summary was created
This summary synthesizes reporting from 3 independent publishers using AI. All sources are cited and linked below. NewsBalance is a news aggregator and media literacy tool, not a news publisher. AI-generated content may contain errors or inaccuracies — always verify important information with the original sources.