Canvas Breach Disrupts Schools & Colleges Nationwide

An ongoing data-extortion campaign by the cybercrime group ShinyHunters has compromised Canvas/Instructure, replacing the login page with ransom demands and threatening to publish data purportedly from 275 million students and faculty across nearly 9,000 educational institutions. Instructure temporarily took Canvas offline during the incident; the report notes prior related breaches, claims of extensive private messages and identifiers in the stolen data, and active negotiations and extortion attempts against affected universities and districts.