Instructure and Illinois State University: Data breach affects schools using Canvas; University of Illinois postpones final exams, assignments

Massive Cyberattack Disrupts U.S. Education Sector via Canvas LMS Breach

A widespread cyberattack has disrupted universities and K-12 schools nationwide, targeting Instructure, the parent company of Canvas, a widely used learning management system (LMS). The breach has impacted millions of students and faculty, forcing institutions like the University of Illinois and Illinois State University to delay final exams and assignments.

The hacking group ShinyHunters has claimed responsibility, threatening to release stolen data unless affected institutions negotiate a settlement. While highly sensitive information such as Social Security numbers and passwords appears uncompromised, exposed data includes names, email addresses, student ID numbers, and private messages, raising concerns about phishing and fraud risks.

Cybersecurity experts warn that the breach could lead to targeted scams, as stolen data may be sold to third parties. The hackers have set a May 12 deadline for institutions to respond, though no resolution timeline has been provided.

Multiple universities, including Northwestern and the University of Chicago, have confirmed the outage, with some temporarily disabling Canvas access. Instructure is investigating the incident, but schools remain uncertain when services will be restored. The attack highlights vulnerabilities in third-party education platforms, affecting institutions that rely on Canvas for daily coursework and communication.

Source: https://abc7chicago.com/post/canvas-hacked-data-breach-affects-schools-nationwide-including-university-illinois-isu/19060406/

Instructure cybersecurity rating report: https://www.rankiteo.com/company/instructure-inc-

University of Illinois Urbana-Champaign cybersecurity rating report: https://www.rankiteo.com/company/university-of-illinois-urbana-champaign

"id": "INSUNI1778215270",
"linkid": "instructure-inc-, university-of-illinois-urbana-champaign",
"type": "Cyber Attack",
"date": "4/1906",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 'Millions of students and '
                                              'faculty',
                        'industry': 'Education Technology',
                        'location': 'U.S.',
                        'name': 'Instructure (Canvas)',
                        'type': 'Company'},
                       {'industry': 'Higher Education',
                        'location': 'U.S.',
                        'name': 'University of Illinois',
                        'type': 'University'},
                       {'industry': 'Higher Education',
                        'location': 'U.S.',
                        'name': 'Illinois State University',
                        'type': 'University'},
                       {'industry': 'Higher Education',
                        'location': 'U.S.',
                        'name': 'Northwestern University',
                        'type': 'University'},
                       {'industry': 'Higher Education',
                        'location': 'U.S.',
                        'name': 'University of Chicago',
                        'type': 'University'}],
 'data_breach': {'data_exfiltration': 'Threatened by ShinyHunters',
                 'personally_identifiable_information': 'Names, email '
                                                        'addresses, student ID '
                                                        'numbers',
                 'sensitivity_of_data': 'Moderate',
                 'type_of_data_compromised': 'Personal Identifiable '
                                             'Information (PII), Private '
                                             'Messages'},
 'description': 'A widespread cyberattack has disrupted universities and K-12 '
                'schools nationwide, targeting Instructure, the parent company '
                'of Canvas, a widely used learning management system (LMS). '
                'The breach has impacted millions of students and faculty, '
                'forcing institutions like the University of Illinois and '
                'Illinois State University to delay final exams and '
                'assignments. The hacking group ShinyHunters has claimed '
                'responsibility, threatening to release stolen data unless '
                'affected institutions negotiate a settlement. Exposed data '
                'includes names, email addresses, student ID numbers, and '
                'private messages, raising concerns about phishing and fraud '
                'risks.',
 'impact': {'brand_reputation_impact': 'High',
            'data_compromised': 'Names, email addresses, student ID numbers, '
                                'private messages',
            'identity_theft_risk': 'Moderate',
            'operational_impact': 'Delayed final exams and assignments, '
                                  'temporary disabling of Canvas access',
            'systems_affected': 'Canvas LMS'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Potential'},
 'investigation_status': 'Ongoing',
 'motivation': 'Extortion, Data Theft',
 'ransomware': {'data_exfiltration': 'Threatened',
                'ransom_demanded': 'Negotiation for settlement'},
 'response': {'containment_measures': 'Temporarily disabling Canvas access'},
 'threat_actor': 'ShinyHunters',
 'title': 'Massive Cyberattack Disrupts U.S. Education Sector via Canvas LMS '
          'Breach',
 'type': 'Data Breach, Ransomware Threat'}