BrianKrebsMay 8

New, from me: Canvas Breach Disrupts Schools and Colleges Nationwide

"An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions."

"Canvas parent firm Instructure responded to today's defacement attacks by disabling the platform, which is used by thousands of schools, universities and businesses to manage coursework and assignments, and to communicate with students."

Lots more here:

https://krebsonsecurity.com/2026/05/canvas-breach-disrupts-schools-colleges-nationwide/

#canvas #breach #shinyhunters #instructure

Show threadBrianKrebsMay 12

Instructure says it paid a ransom. SMH

"STATUS UPDATE 5/11/26

We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority."

"With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident. As part of that agreement:"

"The data was returned to us.
We received digital confirmation of data destruction (shred logs).
We have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise."

'This agreement covers all impacted Instructure customers, and there is no need for individual customers to attempt to engage with the unauthorized actor.
While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible. We continue to work with expert vendors to support our forensic analysis, further harden our environment, and conduct a comprehensive review of the data involved. We will continue to provide updates as that work progresses."

https://www.instructure.com/incident_update

Security Incident Update & FAQs

Instructure
Show threadMike Sheward
@briankrebs “the criminals have informed us they will do no other crimes, and who are we to believe otherwise”
May 12 at 12:53amWeb
Show threadChilly  🛡️  May 12
@SecureOwl
Scout's honor
@briankrebs
Show threadDan SchnauMay 12
@SecureOwl @briankrebs what a joke
Show threadMike ShewardMay 12

@danschnau @briankrebs maybe its just the final lesson of the semester, no matter how hard you work, someone will come a long at the last second, steal it, and get paid more than you can ever imagine

setting them students up for the AI economy

Show threadDan SchnauMay 12
@SecureOwl @briankrebs it definitely doesn’t do much to combat the belief that “crime doesn’t pay” when literally it does