A major cybersecurity incident has recently affected Instructure, the company behind the Canvas LMS platform used by schools and universities worldwide. Reports claim that hacker group ShinyHunters stole nearly 3.65 terabytes of data from the system. The incident is being described as one of the biggest cyberattacks ever seen in the education sector. Millions of students and teachers may have been impacted by the breach.

According to cybersecurity reports, the hackers claimed they had access to nearly 275 million user records connected to Canvas. The leaked information reportedly includes names, email addresses, student ID numbers, and internal messages shared on the platform. However, Instructure stated that there is currently no evidence showing that passwords, financial details, or banking information were stolen. The company is still continuing its investigation into the full extent of the breach.

The attack became more serious after several Canvas login pages were reportedly modified to display ransom-related messages from the attackers. ShinyHunters allegedly warned institutions that the stolen information could be leaked publicly if negotiations were ignored. This created panic among many educational institutions because Canvas is heavily used for online learning and communication. Many students and teachers became concerned about the safety of their personal information.

Reports also suggest that nearly 9,000 educational institutions may have been affected by the incident in some way. Some schools temporarily restricted or disabled access to Canvas while investigations were being carried out. Since the attack happened close to exam periods in many institutions, it caused major disruptions for students and faculty members. Many users faced difficulties accessing assignments, study material, and important academic updates.

Recent cybersecurity reports now suggest that Instructure has reached a ransom-related agreement in an attempt to stop the public release of the stolen data. The company has not officially revealed the amount involved or the exact details of the negotiations. However, security researchers believe the agreement was made to reduce the risk of a larger data leak. Officials are still monitoring the situation closely to prevent further damage.

Investigators believe the attack may have started through vulnerabilities connected to Canvas “Free-For-Teacher” accounts. After detecting the breach, Instructure reportedly revoked certain credentials and rotated important security keys to strengthen protection. The company also increased system monitoring and temporarily suspended some services during the investigation process. Cybersecurity experts are still working to identify how the attackers gained access to the system.

Even though passwords and payment information were reportedly not exposed, experts are still warning users to remain careful. Cybercriminals can still use leaked names, emails, and academic information to launch phishing attacks and online scams. Attackers may pretend to be teachers, administrators, or official institutions to trick users into sharing sensitive information. Experts believe these scam attempts may look more convincing because real educational data was involved.

Students and teachers using Canvas are now being advised to change their passwords and enable multi-factor authentication wherever possible. Users are also being warned to avoid suspicious emails and verify links before entering login details online. The incident has once again raised serious concerns about cybersecurity in the education sector and the protection of student information. Many experts believe educational institutions are becoming major targets for ransomware and data extortion attacks.

Stay alert, and keep your security measures updated!

Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news