ShinyHunters Breached Instructure: 275 Million Students, Teachers and Staff Potentially Exposed

**Instructure breach attributed to ShinyHunters — ~3.65 TB and ~275M records exposed.** In late April–early May 2026 Instructure confirmed a cybersecurity incident impacting Canvas (names, institutional emails, student IDs, and inbox messages) and ShinyHunters posted an extortion demand and leak claim on its dark-web site; the breach is tied to Salesforce access and is part of a broader ShinyHunters campaign targeting education technology providers, creating elevated phishing and account-takeover risk for institutions and users.