Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak

The Hacker News by The Hacker News
May 12, 2026
Home Cybersecurity
Share on FacebookShare on Twitter


Ravie LakshmananMay 12, 2026Vulnerability / Network Security

American educational technology company Instructure, the parent company of Canvas, said it reached an “agreement” with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities.

In an update shared on Monday, the Utah-based firm said it “reached an agreement with the unauthorized actor involved in this incident,” citing “concerns about the potential publication of data.”

In taking the controversial decision to pay a ransom to avoid a leak, the company said the agreement covers all its impacted customers and that the pilfered data was returned to it, along with digital confirmation of data destruction. It also said it has been informed that none of the company’s customers will be separately extorted as a result of the hack.

“While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible,” Instructure said.

It also said it’s working with expert vendors to support its forensic analysis, improve its cybersecurity posture, and conduct a comprehensive review of the data involved.

The disclosure comes as the ShinyHunters extortion crew waged a digital attack against Canvas, a popular web-based learning management system, late last month, resulting in the theft of 3.65TB of data. The incident impacted nearly 9,000 organizations.

Although the breach was assumed to be initially contained, a second wave of unauthorized activity tied to the same incident was detected on May 7, 2026, defacing the Canvas login portals with extortion messages at roughly 330 institutions and giving Instructure a deadline of May 12, 2026, to negotiate a ransom or risk a data leak.

The attackers are said to have weaponized an unspecified vulnerability “regarding support tickets” in its Free-for-Teacher environment to obtain initial access and siphon about 275 million records containing usernames, email addresses, course names, enrollment information, and messages. Instructure has emphasized that course content, submissions, and credentials were not compromised.

In the wake of the breach, Instructure has temporarily shut down Free-For-Teacher accounts. The company did not disclose the nature of the vulnerability, but said it revoked privileged credentials and access tokens for affected systems, rotated internal keys, restricted token creation pathways, and deployed additional security controls.

“The exfiltrated data provides threat actors enough personal context to conduct targeted phishing campaigns against staff, students, and parents alike,” Halcyon said.

“Leaked records can be used to impersonate school administrators, IT support, or financial aid offices in follow-on attacks. Students, parents, and personnel at affected institutions should be considered, and institutions should issue phishing advisories and direct communications immediately.”



Source link

The Hacker News

The Hacker News

Next Post
Sonae progresse de 14 % pour atteindre un chiffre d’affaires record de 11,4 milliards d’euros en 2025

Sonae progresse de 14 % pour atteindre un chiffre d'affaires record de 11,4 milliards d'euros en 2025

Recommended.

Midas sichert sich 80 Millionen Dollar in Serie B und markiert damit die größte Fintech-Investition in der Türkei überhaupt

Midas sichert sich 80 Millionen Dollar in Serie B und markiert damit die größte Fintech-Investition in der Türkei überhaupt

August 19, 2025
Airties Introduces Airties Lite for Management of Retail-Purchased Wi-Fi Gateways

Airties Introduces Airties Lite for Management of Retail-Purchased Wi-Fi Gateways

May 7, 2026

Trending.

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

AWS Vs. Google Cloud Vs. Microsoft Azure Q1 Earnings Face-Off

May 1, 2026
Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Google’s 0 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

Google’s $750 Million Partner Fund Targets AI Agent Era Channel Paradigm Shift

April 24, 2026
AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

AWS Solution Provider Caylent Unveils Dedicated Anthropic Claude Unit

April 30, 2026
Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

Dell’s Infrastructure Blitz: Private Cloud, PowerStore Elite, PowerEdge In Spotlight At Dell Technologies World 2026

May 19, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio