ShinyHunters Disrupts Canvas at 8,000 Universities, Threatening Student Data Release
Updated
Updated · WOWT · May 12
ShinyHunters Disrupts Canvas at 8,000 Universities, Threatening Student Data Release
6 articles · Updated · WOWT · May 12
Millions of students worldwide lost access to Canvas after ShinyHunters hit the learning platform during finals week, disrupting homework and test submissions across more than 8,000 universities.
The group is threatening to release private student and faculty data unless a ransom is paid, a tactic cybersecurity officials said targets major single points of failure.
Canvas service was restored within days, but Matrix cybersecurity director Matt Hale said the breach exposed a weakness that could invite another attack.
Hale said ShinyHunters has been linked to past attacks on companies including Google, Gucci, Adidas and Salesforce, underscoring the broader risk facing universities.
With 41% of colleges using one platform, is the entire education system now a single point of failure for cyberattacks?
After paying a ransom for 275 million records, is student data truly safe or just funding the next attack?
275 Million Impacted: Inside the 2026 Canvas LMS Data Breach and Its Global Fallout
Overview
In early May 2026, the hacking group ShinyHunters launched a major cyberattack on Instructure’s Canvas platform, leading to a global outage that disrupted service for about 9,000 institutions during critical final exam periods. As a result, exams were postponed and deadlines extended for students worldwide. The breach exposed sensitive personal information, including usernames, email addresses, student ID numbers, and billions of private messages. Instructure detected unauthorized activity, took Canvas offline for investigation, and later negotiated a settlement with the hackers to recover the stolen data, while committing to stronger security measures to prevent future incidents.