Cyberattack Disrupts Canvas Learning Platform During US Finals Week

A cyberattack on the Canvas online learning platform caused widespread disruption at schools and colleges across the United States on Thursday, just as students were preparing to take final exams.

Canvas’s parent company, Instructure, confirmed that the platform was restored by Friday morning. The company had temporarily taken Canvas offline on Thursday after detecting unauthorized activity within its network.

The threat actor behind the attack was identified as the same group responsible for a data breach disclosed by Instructure one week prior. According to the company, the accessed data included user names, email addresses, student ID numbers, and messages exchanged on the platform. Instructure stated there was no evidence that passwords, dates of birth, government identifiers, or financial information were compromised.

ShinyHunters Claims Responsibility

A ransomware group known as ShinyHunters claimed responsibility for the breach on its dark web site. The group asserted that the stolen data originated from 275 million individuals linked to 8,800 schools.

Schools and Colleges Scramble to Respond

Educational institutions nationwide faced immediate challenges as Canvas, a widely used learning management system, became inaccessible during a critical academic period. Many schools reported delays in exam schedules and disruptions to online coursework, prompting urgent responses from administrators and IT teams.

Instructure has not yet disclosed whether a ransom demand was made or if any data was exfiltrated during the attack. The company is continuing its investigation and has advised users to monitor official communications for updates.