Homeland Security wants to know about the Instructure breach; we still want to know about the Navigate360 breach

The report details two major incidents impacting education-sector vendors: Instructure was exploited via cross-site scripting leading to admin session takeover, defacement, and extortion threats by the ShinyHunters group (with service outages during finals), while Navigate360 (P3 Campus) suffered a breach that exposed millions of tip records—including names and highly sensitive reports—in plaintext; both incidents have prompted remediation efforts and Congressional inquiries and pose ongoing risks to students and schools.