What motivated this blog post was this report (Kathryn Palmer, Inside Higher Ed, 11 May 2026) that Instructure (the company that owns Canvas) has paid an undisclosed ransom to a gang of cybercriminals that hacked the company’s learning management system. “ShinyHunters” (a black-hat criminal extortion group active since 2019; Wikipedia) “2026 Canvas security incident” (also via Wikipedia) “The Canvas hack is a new kind of ransomware debacle” (Lily Hay Newman & Andy Greenberg, Wired, 8 May 2026) Visualization of nationwide Canvas breach (Ajith Araiza-Singh & Luca Vicisano, The Daily Californian, 8 May 2026) In addition, below are links to some of the scholarly literature (ungated or open access*) on the economics and law of ransomware payments: “To pay or not: game theoretic models of ransomware” (Edward Cartwright et al., Journal of Cybersecurity, 2019) Should we outlaw ransomware payments?” (Debabrata Dey & Atanu Lahiri, Proceedings of the 54th Hawaii International Conference on…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.