The end of spring term 2026 was marked by a sudden digital disaster across a large swath of higher education and K-12. A hacking group successfully struck Instructure, maker of the very popular Canvas learning management system*. It looks like ShinyHunters got into Instructure in early May, possibly April. I think the attack blew up on May 7, when the hackers posted ransom demands across Canvas instance. Instructure posted a maintenance message: By May 9th the system appears to be working again, although much is uncertain, like the possible theft of some data, who paid any ransoms, and more. Recovery is in process across the world, but it’s important to note how much chaos this event strewed across impacted institutions and populations. It came right at semester’s end, meaning it threw final exams, final grades, final projects, and graduations into question. The hack hit thousands of colleges, universities, and schools. I’ve seen figures estimating 40% of American higher ed are Canvas…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.