Canvas Parent Company Reaches Deal With Hackers to Delete Stolen Student Data
Hackers
The company behind the Canvas educational platform has reached an agreement with hackers to delete stolen data following a major cyberattack that disrupted schools and universities worldwide during exam season.
San Francisco | May 13: Instructure, the parent company of the widely used Canvas learning management system, has announced that it reached an agreement with the hacking group responsible for a massive cyberattack that exposed sensitive student and teacher data from thousands of educational institutions globally. The company said the stolen data had been returned and deleted following negotiations with the attackers.
The cyberattack, linked to the hacking group ShinyHunters, disrupted access to Canvas last week, causing major problems for schools and universities during final examinations. The hackers claimed to have accessed information connected to nearly 9,000 educational institutions and around 275 million users worldwide.
According to Instructure, the compromised data included names, email addresses, student identification numbers, and private messages exchanged on the platform. However, the company stated there was no evidence that passwords, financial information, government identification details, or birth dates were exposed in the breach.
The company did not disclose the exact terms of the agreement or confirm whether a ransom payment was made to the hackers. Instructure said it received “digital confirmation” and “shred logs” indicating that the stolen data had been destroyed, although cybersecurity experts warned that there is no absolute guarantee the information has been permanently erased.
The breach triggered widespread disruption across universities and schools in the United States, Canada, Australia, Europe, and parts of Asia, with several institutions temporarily shutting down access to Canvas and extending assignment deadlines. The incident is being described by cybersecurity experts as one of the largest education-related data breaches in recent years.
Instructure said it is continuing forensic investigations into the breach and has implemented additional cybersecurity measures to prevent similar attacks in the future. Authorities and cybersecurity agencies are also monitoring the incident closely as concerns grow over digital security in the education sector.
Follow us On Our Social media Handles :
Instagram
Youtube
Facebook
Twitter
Also Read- Pune
