Cyberattack on Education Platform Canvas Causes Chaos During Finals

Thousands of students and teachers across North America faced a difficult week after the popular education platform Canvas went offline. The service, which is used by millions to manage courses, submit assignments, and view grades, stopped working on Thursday due to a cyberattack. This disruption happened at a very bad time for many students, as it occurred during the busy final exam period.

According to NPR, the platform is used by about half of all higher education institutions in North America. When users tried to log in on Thursday, they were met with a black screen and a message from a hacking group known as ShinyHunters. This group claimed responsibility for the attack and stated that they had accessed data from 275 million students, teachers, and staff members at nearly 9,000 schools around the world.

ShinyHunters is a well-known group that has been linked to other major cyberattacks, including one against the ticket sales company Ticketmaster in 2024. Rachel Tobac, the CEO of SocialProof Security, described the group as a loose collection of young hackers who work together like a ransomware gang. Ransomware is a type of malicious software that hackers use to lock computer systems or steal private data, demanding payment to restore access or keep the information secret.

Instructure, the parent company of Canvas, confirmed that they detected unauthorized activity on their network starting in late April. On Thursday, they decided to take the platform offline after the hackers made visible changes to the site while students were logged in. Instructure stated that the stolen data included names, email addresses, student ID numbers, and private messages. However, the company noted that they have no evidence that passwords, birth dates, or financial information were stolen.

As reported by Ars Technica, the outage caused immediate chaos at many schools. Because students could not access their course materials or submit their final work, many universities had to change their plans. For example, the University of Illinois postponed all final exams and assignments scheduled for that weekend. Other schools, such as the University of Massachusetts Dartmouth, chose to extend deadlines to give students more time to finish their work.

Deutsche Welle noted that some schools even tried to reach out to the hackers to negotiate, as the group had encouraged individual institutions to talk to them directly. The hackers had set a deadline of May 12 for their demands to be met, threatening to leak the stolen data online if they were not satisfied. It remains unclear whether any ransom was paid to bring the platform back online.

By Friday, Instructure announced that Canvas was fully restored. The company explained that they had fixed the security issue that allowed the hackers to enter their system through 'Free-for-Teacher' accounts. In a statement, Instructure expressed regret for the worry and inconvenience the situation caused for students and faculty members.

Despite the platform being back online, experts warn that the danger is not necessarily over. Rachel Tobac advised users to remain very careful. She suggested that students and teachers should watch out for 'phishing' messages. Phishing is a common trick where hackers send fake emails or messages pretending to be from a trusted source—like a professor or the Canvas support team—to steal passwords or other personal information. Because the hackers now have access to names and email addresses, they might try to use this information to trick people into giving away more details.

This incident is part of a growing trend of cyberattacks against educational technology. Last year, another company called PowerSchool, which provides software to millions of K-12 students, also suffered a major data breach. As schools rely more and more on digital tools to manage learning, these platforms become more attractive targets for hackers. For now, students and teachers are returning to their studies, but the event serves as a strong reminder of the importance of digital security in modern education.