Instructure Confirms Canvas Cybersecurity Incident, User Data Accessed

**Canvas cybersecurity incident:** Instructure detected unauthorized access to certain user data on the Canvas platform, has contained the incident and is investigating with external forensic support; exposed data reportedly includes names, emails, student IDs and platform messages, while the company states there is no evidence of passwords or financial/government identifiers being accessed. ShinyHunters has claimed responsibility and alleged a 3.6 TB theft affecting over 9,000 schools (unverified), and remediation steps included credential/token revocation, key rotation, security patches, increased monitoring, and temporary service disruptions.