INSTRUCTURE REACHES DEAL WITH HACKERS AFTER TWO BREACHES
SECURITY DESK■ 2 MIN READ
TUE, MAY 12, 2026■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE
Canvas software maker Instructure announced an agreement with hackers who breached its systems twice, though the company offered no assurance the attackers will honor the deal or refrain from releasing stolen data.
Instructure, which provides Canvas learning management software to schools and universities worldwide, disclosed it has reached an agreement with the threat actors responsible for two separate security breaches.
The company did not disclose specific terms of the deal or explain what concessions were made. In a statement, Instructure said it "reached an agreement" with the hackers but provided no guarantees regarding data protection or the attackers' future conduct.
The lack of transparency raises significant questions about the effectiveness of such negotiations. Cybersecurity experts have long warned that paying or negotiating with threat actors provides no binding assurance that stolen data will be deleted or withheld from public release. Hackers can easily copy files before agreeing to terms, then distribute the information later for additional profit.
Instructure serves educational institutions across multiple continents, making any data breach a concern for millions of students and staff members. The nature of the information accessed during the two breaches has not been fully disclosed.
This incident highlights the difficult position organizations face when targeted by cybercriminals. Schools and universities often choose negotiation as a last resort to minimize potential harm, despite the inherent risks of dealing with attackers who operate outside legal systems.
The company has not announced whether it will notify affected users about the breaches or provide details on what data was compromised. Instructure said it is working to strengthen security measures, a standard response that typically follows major incidents.
The agreement comes as educational institutions increasingly face cyberattacks. Ransomware gangs and data thieves frequently target schools due to their valuable student and staff records, often combined with limited IT resources compared to larger enterprises.
Users of Canvas should monitor their accounts for suspicious activity and consider changing passwords as a precautionary measure.
■ SOURCES
► TechCrunch■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE
■ MORE FROM THE SECURITY DESK
Instructure, owner of the Canvas learning management platform, says it has reached an agreement with the ShinyHunters hacking group to recover stolen student data following a breach last week.
3H AGO— Security Desk
Human Rights Watch found that at least six EU member states, including Bulgaria and Denmark, have sold surveillance technology to more than 24 countries with documented human rights violations.
6H AGO— Security Desk
The Trump administration is internally debating a potential ban on Chinese-made cellular modules as the FCC intensifies efforts to reduce Beijing's technological footprint in US infrastructure.
6H AGO— Industry Desk
Instructure, maker of the Canvas learning management system, has reached an agreement with the ShinyHunters extortion group to prevent stolen data from being publicly released.
6H AGO— Industry Desk