Chaos erupted at schools and colleges throughout the US on Thursday as a cyberattack disrupted the online learning platform Canvas, coinciding with final exam schedules. The timing of this attack exacerbated the stress faced by students as they prepared for crucial assessments.
Instructure, the parent company of Canvas, reported that by Friday morning, the platform was back online. The disruption occurred after the company identified unauthorized activity on its network. Alarmingly, this threat actor was the same group responsible for a data breach disclosed by Instructure just a week prior. The breached data included user names, email addresses, student ID numbers, and messages exchanged on the platform, although Instructure stated there was no evidence that more sensitive information, such as passwords, government identifiers, or financial data, had been compromised.
Schools and colleges scramble to respond
A ransomware group known as ShinyHunters took responsibility for the breach on its dark web site. They claimed that the data accessed involved up to 275 million people from around 8,800 educational institutions. This massive breach sent ripples of panic through academic campuses as students logged in, only to be met with a ransom demand on the Canvas login pages. The demand suggested that Instructure had previously rebuffed the group’s requests, urging individual institutions to negotiate directly.
In immediate response to the situation, several universities made quick decisions to mitigate the impact on students. The University of Illinois postponed all final exams and assignments that were scheduled for Friday, Saturday, and Sunday. Similarly, the University of Massachusetts Dartmouth adjusted its exam schedules, extending due dates to accommodate affected students. The University of California system sent directives to all its campuses in response to the ongoing crisis.
Wider implications of cyberattacks on educational platforms
Canvas is not the only digital learning tool facing these cyber threats. Last year, PowerSchool, which provides cloud-based software to approximately 16,000 K–12 schools serving around 60 million students globally, suffered a breach that exposed sensitive information, including names, addresses, and disciplinary records of students.
ShinyHunters has gained notoriety over the years as a collective involved in such attacks. In a notable incident in 2024, they acquired a trove of credentials from cloud storage provider Snowflake, ultimately using this information to breach associated Snowflake clients, such as TicketMaster.
As educational institutions increasingly rely on digital platforms for learning and assessments, the recent cyberattack on Canvas highlights the urgent need for enhanced cybersecurity measures to protect sensitive student information and ensure uninterrupted education.
For more detailed information, visit Here.
Image Credit: arstechnica.com
