Instructure pays ransom after Canvas incident as Congress announces investigation

Education-technology vendor Instructure was breached twice by the ShinyHunters cybercriminal group, which exfiltrated data from roughly 9,000 Canvas customers (names, emails, student IDs, messages), defaced the platform with ransom demands, and forced a temporary shutdown that disrupted students and faculty; Instructure paid a ransom to obtain data return/destruction assurances amid FBI awareness and a forthcoming congressional investigation.