We use essential cookies to make our site work. With your consent, we may also use non-essential cookies to improve user experience, personalize content, customize advertisements, and analyze website traffic. For these reasons, we may share your site usage data with our social media, advertising, and analytics partners. By clicking ”Accept,” you agree to our website's cookie use as described in our Cookie Policy. You can change your cookie settings at any time by clicking “Preferences.”

TechDogs-"Canvas Hack Hits Universities As ShinyHunters Turns Classrooms Into A Data Breach Story"

Cyber Security

Canvas Hack Hits Universities As ShinyHunters Turns Classrooms Into A Data Breach Story

By Amrit Mehra

Updated on Fri, May 8, 2026

Overall Rating
Instructure’s Canvas, a widely used education platform for grades, coursework, and student communication, was disrupted after hacker group ShinyHunters claimed it had breached the company and accessed student-linked data across thousands of schools.
 

TL;DR

 
  • Canvas was placed in maintenance mode after users reported login issues and breach claims surfaced across university portals
  • ShinyHunters claimed responsibility and alleged that close to 9,000 schools worldwide were affected
  • The group also claimed data linked to 275 million people was involved, though those figures remain unverified
  • Instructure confirmed that some personal data was compromised, including names, email addresses, student ID numbers, and private messages
  • Instructure later marked the incident as resolved and recommended customers enforce MFA, review admin access, and rotate API tokens or keys where applicable
 

Canvas Cyberattack Disrupts Access For Students Across Universities


Canvas, the online learning platform used by schools, colleges, and universities for grades, class materials, assignments, and student communication, faced a major disruption after reports from multiple college newspapers said students were blocked from accessing the service.

The incident first gained wider attention after The Harvard Crimson reported that students could not access Canvas beginning Thursday afternoon. The publication also reported that ShinyHunters claimed Harvard was among thousands of schools allegedly affected by a breach of Instructure, Canvas’ parent company.

According to student newspaper reports, Canvas users were redirected to a message from ShinyHunters, in which the group claimed responsibility and posted a list of schools it said were breached.

TechDogs-"An Image Of The Canvas Interface On A Laptop"  

Instructure Puts Canvas In Maintenance Mode And Later Marks Incident Resolved


As the disruption unfolded, Instructure said Canvas and related sites had been placed “in maintenance mode” while it investigated login issues affecting some users of Student ePortfolios.

The company said at the time, “We anticipate being up soon, and will provide updates as soon as possible.”

Having begun investigating on May 01, Instructure provided users with two updates on May 02 and May 06, before finally declaring the incident as Resolved on May 06.

On its official incidents status webpage, Instructure said:
 
“Canvas is fully operational, and we are not seeing any ongoing unauthorized activity. As a precaution, we recommend customers follow security best practices, including enforcing MFA on privileged accounts, reviewing admin access, and rotating API tokens or keys where applicable. This will be our final update via this status page for this incident. We will continue to provide updates as appropriate through other channels and are now communicating directly with impacted customers to provide organization-specific information and support.”

 

ShinyHunters Claims Massive Canvas Data Theft, But Numbers Remain Unverified


ShinyHunters claimed the breach affected close to 9,000 schools worldwide and 275 million people, including students, teachers, and staff. A member of the group also claimed that the stolen data contained 231 million unique email addresses.

However, financially motivated hacking groups are known to exaggerate breach claims to pressure victims and attract attention.

Instructure confirmed that personal data was compromised, including names, email addresses, student ID numbers, and private messages between students and instructors. Passwords and financial data were reportedly not stolen.

TechCrunch reported that a sample shared by ShinyHunters included data from two U.S. schools, one in Massachusetts and one in Tennessee. The sample included names, email addresses, some phone numbers, and messages in one case, but it did not include passwords.
 

Topics For More Insights

 

Universities In The US And Netherlands Respond To Canvas Breach Fallout


The impact was not limited to one campus. Student newspapers from Duke University, UCLA, the University of Nebraska, the University of Pennsylvania, and others reported that their institutions had been affected.

The Daily Pennsylvanian reported that ShinyHunters posted a message on Penn’s Canvas page last week, warning universities to contact the group before May 12 if they did not want their data released.

In the Netherlands, Vrije Universiteit Amsterdam disconnected all systems linked to Canvas as a precautionary measure and reported the incident to the Dutch Data Protection Authority. Universities of the Netherlands said seven Dutch universities were affected, including the University of Amsterdam, Erasmus University Rotterdam, Tilburg University, Eindhoven University of Technology, Maastricht University, and the University of Twente.

Instructure said it implemented security patches, increased monitoring, and rotated application keys. Customers must reauthorize API access, while the investigation continues.

First published on Fri, May 8, 2026

Amrit Mehra

Amrit Mehra

Senior Tech News Reporter TechDogs

Amrit Mehra is an experienced tech journalist with nearly a decade of reporting across IT, MarTech, and enterprise technology. He focuses on helping readers understand why tech developments matter—not just what they are. His writing stands out for its clarity, contextual relevance, and thoughtful simplicity. In addition to covering industry shifts, Amrit enjoys injecting humor and personality into his work, often through witty observations and meme-worthy takes that make tech more enjoyable to follow.

Enjoyed what you read? Great news – there’s a lot more to explore!

Dive into our content repository of the latest tech news, a diverse range of articles spanning introductory guides, product reviews, trends and more, along with engaging interviews, up-to-date AI blogs and hilarious tech memes!

Also explore our collection of branded insights via informative white papers, enlightening case studies, in-depth reports, educational videos and exciting events and webinars from leading global brands.

Head to the TechDogs homepage to Know Your World of technology today!

Disclaimer - Reference to any specific product, software or entity does not constitute an endorsement or recommendation by TechDogs nor should any data or content published be relied upon. The views expressed by TechDogs' members and guests are their own and their appearance on our site does not imply an endorsement of them or any entity they represent. Views and opinions expressed by TechDogs' Authors are those of the Authors and do not necessarily reflect the view of TechDogs or any of its officials. While we aim to provide valuable and helpful information, some content on TechDogs' site may not have been thoroughly reviewed for every detail or aspect. We encourage users to verify any information independently where necessary.

Tags:

Cyber ThreatInternet SecurityRansomwareCanvas Cyberattack Instructure Data Breach ShinyHunters Hack Education Technology Security

Join The Discussion

Trending TD NewsDesk

Join Our Newsletter

Get weekly news, engaging articles, and career tips-all free!

By subscribing to our newsletter, you're cool with our terms and conditions and agree to our Privacy Policy.

Home

Hot Topic: AI

News

Articles

Branded Insights

  • Dark
  • Light