CANVAS REACHES DEAL WITH HACKERS OVER STOLEN DATA

The ShinyHunters group claimed responsibility for breaching Canvas systems and threatened to publish 3.5 terabytes of student data unless ransom demands were met. Instructure confirmed the stolen data has been returned as part of the agreement. The attack forced Canvas offline briefly before the company restored service. ShinyHunters, a known cybercriminal group, had publicly threatened to leak the data online if their "settlement" demands were not satisfied. Details about the financial terms of the agreement remain undisclosed. Instructure has not specified what information was accessed during the breach or how many students were affected. Canvas serves millions of students and educators across K-12 schools and higher education institutions globally. The platform hosts course materials, assignments, grades, and other sensitive academic information. This incident adds to a growing list of education sector breaches targeting learning management systems. Schools and universities increasingly face sophisticated cyberattacks aimed at obtaining personal and financial data of students and staff. Instructure has not released a full security report detailing how the breach occurred or what preventive measures will be implemented. The company typically provides incident reports to affected institutions and users, though timelines vary. The agreement with ShinyHunters does not guarantee the data will not be sold or leaked through other channels. Cybersecurity experts note that such agreements with criminal groups offer limited assurance, as stolen data can be copied and distributed despite promises of deletion.