ShinyHunters claims Canvas cyberattack compromising users' personal data
Updated
Updated · KUTV 2News · May 6
ShinyHunters claims Canvas cyberattack compromising users' personal data
15 articles · Updated · KUTV 2News · May 6
Utah education officials said the breach may affect widely used K-12 and higher education systems, with the group alleging 275 million records across nearly 9,000 schools worldwide.
Stolen data may include names, email addresses, student ID numbers and messages, while financial details, birth dates, Social Security numbers and passwords were not compromised, officials said.
Instructure told Utah the incident was resolved and is investigating scope; schools must notify parents under state law, while officials warn exposed data could still be used in phishing scams.
This breach reportedly used AI-cloned voices to trick staff. Are our schools prepared for the next wave of hyper-realistic cyberattacks?
One company's failure exposed 8,809 schools. Is the model of trusting single tech vendors with all student data fundamentally broken?
Massive Canvas LMS Breach Exposes Data of 275 Million Users, Highlighting Critical EdTech Security Failures
Overview
In late April 2026, the cybercriminal group ShinyHunters attacked Instructure, causing a major breach of the Canvas Learning Management System that disrupted services and exposed sensitive data of approximately 275 million users worldwide. The stolen information included personal details and private messages, creating serious privacy risks and increasing the threat of targeted phishing attacks, especially for vulnerable populations like minors. Instructure responded by patching vulnerabilities, revoking credentials, and restoring services, while investigations and regulatory scrutiny continue. This incident highlights systemic security weaknesses in the EdTech sector and underscores the urgent need for stronger protections, transparency, and collaboration to safeguard educational data and rebuild trust.