Nigeria appoints Ex-NBA coach to lead D’Tigers

Schools and universities affected by a major cyberattack on the educational platform Instructure have reportedly begun reaching out directly to the hackers in an effort to stop sensitive student data from being leaked online.

According to a report by Reuters, the hacking group ShinyHunters claimed responsibility for the breach, which targeted the widely used learning management platform Canvas.

The group announced on May 3 that it had stolen approximately 6.65 terabytes of data linked to nearly 9,000 schools worldwide. The leaked information reportedly includes student names, email addresses, student ID numbers, and even private messages exchanged between students, teachers, and school staff.

Canvas is one of the most widely used educational platforms globally, helping schools manage assignments, classroom communication, and academic resources. The platform reportedly serves more than 30 million active users ranging from kindergarten students to college learners.

Students Face Disruptions During Critical Academic Period

The cyberattack has caused significant disruption across schools and universities, especially as students prepare for final assignments and end-of-year examinations.

Student newspapers across the United States reported login issues and interruptions throughout the week. Some students who attempted to access Canvas on May 7 were reportedly greeted with a message from ShinyHunters containing a link to a list of affected schools.

Following the incident, Instructure temporarily took Canvas, Canvas Beta, and Canvas Test offline before restoring the main platform several hours later.

An Instructure spokesperson later confirmed that hackers had altered pages visible to some students and teachers while logged into the system.

FBI Aware of Ongoing Education System Breach

The Federal Bureau of Investigation confirmed on Friday that it was aware of a cyberattack affecting the U.S. education system, although the agency did not directly mention Canvas by name.

ShinyHunters also publicly criticized Instructure, claiming the company had not attempted to communicate with them to prevent the leak of stolen data. The hackers reportedly posted a list of around 1,400 schools and districts online while inviting affected institutions to negotiate directly with them.

Cybersecurity experts note that ransomware and extortion groups sometimes remove posts related to victims when negotiations or payments are taking place, although there is no official confirmation that any payments were made in this case.

Instructure Explains Cause of the Breach

Instructure first acknowledged the cybersecurity incident in a May 1 statement published on its support website. A later update from Chief Information Security Officer Steve Proud confirmed that user information and internal messages had been compromised.

The company said the hackers exploited a vulnerability connected to its “Free-for-Teacher” service, a feature that allows non-Canvas users to test parts of the platform.

As part of its response, Instructure temporarily shut down the Free-for-Teacher service, stating that the move helped restore confidence in the security of the main Canvas platform.

While Canvas has since returned online, Canvas Beta and Canvas Test remain under maintenance mode as investigations continue.

Schools Continue Security Precautions

Several school districts have begun notifying parents, students, and staff about the incident.

The South Orange-Maplewood School District informed parents that unauthorized activity was first detected on April 29 after the breach reportedly occurred on April 25.

Meanwhile, Montgomery County Public Schools said it was gradually restoring Canvas access while continuing additional security reviews to ensure all systems are safe for use.

The incident adds to growing concerns over cybersecurity threats targeting educational institutions, which increasingly rely on digital platforms for daily operations and communication.