Global Learning Platform Canvas Hit by Ransomware Attack
AI-generated from multiple sources. Verify before acting on this reporting.
LONDON (Reuters) - Additional reports have confirmed the scope of the disruption affecting the Canvas learning management system. Institutions previously unable to verify access status have now reported successful reconnection to the platform. Administrators indicate that while core functionality remains operational, some users may experience intermittent latency during peak usage hours. The technical team is continuing to monitor system stability and has advised educators to allow extra time for file uploads and grade submissions. No further data breaches have been identified beyond the initial service interruption. Support channels remain open for institutions requiring assistance with account recovery or data synchronization. The partial restoration of services marks a significant step toward full operational recovery, though some advanced features remain temporarily disabled pending final security audits. Users are encouraged to check their institution-specific communications for detailed timelines regarding the full restoration of all platform capabilities.
LONDON (Reuters) - The Canvas online learning management system was taken offline globally on Sunday following a cyberattack attributed to the ShinyHunters hacking collective, disrupting education for thousands of schools worldwide before services were partially restored.
The attack, which began early Sunday morning, forced administrators at universities and K-12 institutions across multiple continents to suspend access to the platform. Instructors and students reported being unable to log in to course materials, submit assignments, or access grades. The outage affected institutions in North America, Europe, and Asia, with some universities advising students to rely on offline materials until further notice.
ShinyHunters, a group known for targeting educational and government entities, claimed responsibility for the breach. The collective stated on a dark web forum that they had exfiltrated sensitive data from the system, including student records, faculty information, and internal communications. The group demanded an undisclosed ransom in cryptocurrency in exchange for the return of the data and a guarantee that the information would not be published.
In response to the incident, Instructure, the company that develops and maintains Canvas, confirmed the attack and stated that it had engaged cybersecurity experts to investigate the breach. The company reported that the malicious actors had gained unauthorized access to certain internal systems but had not compromised the core database containing student and faculty information. Instructure said it had isolated the affected systems and initiated a full restoration of services.
By late Sunday, many institutions reported that access to Canvas had been restored, though some users experienced intermittent connectivity issues. Instructure advised schools to reset passwords and enable multi-factor authentication as a precautionary measure. The company also announced that it was working with law enforcement agencies to track the perpetrators.
The attack has raised concerns about the security of cloud-based educational platforms, which have become increasingly reliant on digital infrastructure for remote and hybrid learning. Experts warn that the education sector remains a prime target for cybercriminals due to the vast amounts of personal data stored on these systems.
Instructure has not confirmed whether a ransom was paid, and the full extent of the data breach remains unclear. The company stated it would provide further updates as the investigation continues. Schools affected by the outage are now assessing the impact on their academic calendars and determining whether any student data was compromised.
The incident marks one of the largest disruptions to an educational technology platform in recent years, highlighting the vulnerability of critical digital infrastructure to cyber threats. As universities and schools work to recover from the attack, questions remain about the long-term security of the systems that support modern education.