Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline

Instructure's Canvas platform suffered two intrusions tied to a vulnerability in its Free-for-Teacher environment, with ShinyHunters claiming to have stolen ~3.65 TB of data encompassing roughly 275 million student, teacher, and staff records from about 8,800 institutions; the group defaced portals and issued pay-or-leak demands before Instructure brought Canvas offline, engaged CrowdStrike and law enforcement, and later said it reached an agreement with the actor and secured digital confirmation of data destruction.