Canvas Cyberattack Disrupts College Final Exams: What Students and Schools Need to Know

A widespread cyberattack on Canvas, the popular online learning platform, disrupted final exams and coursework for colleges and universities across the United States, leaving students and faculty scrambling during a high-pressure period.

By late Thursday, Instructure, the parent company of Canvas, confirmed that the platform was restored for most users. However, the disruption caused by the attack continues to impact academic schedules and institutional security protocols.

The hacking group ShinyHunters claimed responsibility for the breach, according to Luke Connolly, a threat analyst at cybersecurity firm Emsisoft. The group had previously listed Canvas as a target on its data leak site but removed it by Friday. Despite this, some schools maintained restricted access to the platform as a precaution while assessing potential security vulnerabilities.

What Is Canvas and Why Does It Matter?

Canvas is a critical tool for higher education, serving as a centralized platform for:

• Gradebook management
• Hosting digital lectures and course materials
• Facilitating discussion boards for classroom projects
• Enabling student-instructor messaging
• Hosting quizzes, exams, and final project submissions

Many colleges rely on Canvas to administer final exams and manage deadlines, making the platform indispensable during finals week.

Who Is ShinyHunters?

ShinyHunters is a loosely organized collective of young hackers based in the U.S. and the U.K. The group has been linked to several high-profile cyberattacks, including a breach of Ticketmaster.

On its data leak site, ShinyHunters describes itself as “rooting your systems since ‘19,” a term referring to deep-level access within computer systems. Earlier this week, the group threatened to leak data from nearly 9,000 schools and 275 million individuals if institutions did not meet a ransom demand by May 6. The deadline was later extended, suggesting some schools had engaged in negotiations.

Why Are Schools and Universities Prime Targets for Cyberattacks?

Schools and universities store vast amounts of personally identifiable information (PII) on students, faculty, and staff, making them attractive targets for ransomware attacks. Recent high-profile incidents include:

• Minneapolis Public Schools
• Los Angeles Unified School District
• Third-party education platforms like PowerSchool

These attacks often disrupt academic operations, delay exams, and force institutions to implement temporary security measures.

Impact on Students and Academic Schedules

While most schools have restored access to Canvas, the disruption has already had significant consequences:

• University of Massachusetts Dartmouth postponed exams scheduled for Friday and Saturday to allow students additional time to review materials inaccessible during the outage.
• University of Illinois canceled all exams for Friday, Saturday, and Sunday, regardless of whether the courses used Canvas.
• Montgomery County Public Schools (Maryland) continued to restrict Canvas access on Friday, citing an “abundance of caution” while assessing potential vulnerabilities.