Congress Puts Heat on Instructure After Canvas Outage

Lawmakers are investigating a high-profile compromise of Instructure's Canvas LMS by the ShinyHunters group after attackers exfiltrated data (claimed >3TB affecting >9,000 institutions), briefly took Canvas offline, and posted ransom demands on login pages; the incident follows a prior September 2025 Salesforce breach and has raised questions about possible ransom payment, repeat targeting, and Instructure's incident response and remediation.