Canvas cyberattack knocks data offline

Canvas is the software layer a lot of schools now run on. Assignments live there. Grades live there. Messages, lecture slides, quizzes, final projects — same place. So when Canvas went down on May 7 after a cyberattack, this was not some annoying website outage. It was a campus-wide operational failure that landed right in the middle of finals. ### What actually got hit? Canvas is the learning-management system made by Instructure. It is used by thousands of schools and universities, and Instructure says the platform has more than 30 million active users. When the incident escalated, users trying to log in were reportedly redirected to a ransom-style message instead of the normal Canvas page. Instructure then put Canvas into maintenance mode and later restored service for most users. (time.com) ### Who says they did it? The name attached to the attack is ShinyHunters — a hacking group that has been tied to other high-profile breaches. The group claimed responsibility publicly and threatened to leak data unless payments were made. Threat researchers and multiple news reports linked the defacement and extortion campaign to that group, though that does not mean every claim the attackers made should be taken at face value. Hackers routinely inflate numbers to raise pressure. (time.com) ### What data seems to be exposed? This is the part that matters most for actual people. Instructure has said the compromised information may include names, email addresses, student ID numbers, and messages between users. The company also said it has not found evidence that passwords, dates of birth, government IDs, or financial information were taken. That is better than a worst-case breach — but it is still serious, because identity data plus private messages can fuel phishing, impersonation, and targeted scams. (time.com) ### Why did the outage hurt so much? Because Canvas is not just a file cabinet. It is the workflow. In many courses, it is where students submit papers, take quizzes, check grades, watch lectures, and message instructors. Take that away during finals and the whole academic machine starts improvising at once — professors emailing PDFs, students screenshotting deadlines, IT teams deciding whether to reconnect or wait. A lot of campuses depend on Canvas the way companies depend on Slack plus Google Drive plus a gradebook rolled into one. (time.com) ### How big is this, really? The attackers claimed they had data on 275 million individuals across nearly 9,000 schools. That number is huge, and it may be exaggerated. But even the conservative version is broad. Schools across the U.S. and Canada reported disruption, and some institutions kept access blocked even after Instructure said service was mostly restored. That tells you the real issue was not just downtime — it was trust in whether the environment was actually clean. (abcnews.com) ### Where did defenders lose control? Instructure said the attacker exploited an issue related to Free-For-Teacher accounts, and one university notice said unauthorized activity was first detected on April 29. That timeline matters. Basically, the breach and the outage were related but not identical. First came unauthorized access and data theft. Then came the public pressure phase — defacement, extortion, and service disruption — when the company took systems offline to contain risk. (krebsonsecurity.com) ### What does this change now? It puts a spotlight on vendor concentration risk. Schools outsource core teaching functions to a central platform because it is efficient. But the catch is obvious now — one vendor incident can ripple across thousands of institutions at once. Expect more schools to ask harder questions about segmentation, backup workflows, offline grading contingencies, and what exactly happens when a “cloud platform” becomes unavailable during the most time-sensitive week of the term. (time.com) ### Bottom line? This was not just a data breach and not just an outage. It was both at once — which is why it hit so hard. Canvas came back for most users, but the bigger story is how much of modern school life now depends on one always-on system staying trustworthy. (time.com) (abcnews.com)