Skip to content

Canvas Platform Offline: Extortion Attack on Millions of Student Records

In brief: Canvas went offline after extortionists replaced the login page with a ransom demand and threatened to publish data on 25.5 million individuals from educational institutions.

The learning platform Canvas was taken offline following an extortion attack. The group ShinyHunters claims to have stolen data on 25.5 million students and staff members from nearly 27,212 educational institutions.

The popular learning platform Canvas, operated by Instructure, has become inaccessible following a data breach and an active extortion campaign. On Thursday, May 21, attackers replaced the login page with a ransom demand. The cybercriminal group ShinyHunters claimed responsibility and threatened to publish records of 25.5 million students and staff members from nearly 27,212 educational institutions unless payment was made.

Instructure confirmed that the security breach exposed names, email addresses, student ID numbers, and private messages between students and teachers. The company stated that passwords, dates of birth, identification numbers, or financial information were not included in the compromised data. ShinyHunters claims, however, to have obtained multiple billion private messages between students and teachers as well as telephone numbers and email addresses. The original payment deadline of May 28 was later extended.

The shutdown occurs at an inopportune time for schools and universities: many affected institutions are currently in the midst of final examination periods. A prolonged outage could have significant impact on the conduct of academic work and examinations. Instructure took Canvas offline with a maintenance message and announced it would provide updates as quickly as possible.


Source: ainews-dev.lumi-systems.io · Published May 17, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.5.2.

Share on: