INSTRUCTURE settles with hackers after a major Canvas breach exposed student and educator data, including names, email addresses, student ID numbers, and some user messages, though passwords, dates of birth, government identifiers, and financial information were not reported as involved. The ShinyHunters claimed responsibility for the incident and, according to Instructure, the stolen data was returned and destroyed, with assurances that customers would not be extorted.
The company has since rotated keys, implemented patches, and increased monitoring as part of the response, and a webinar discussing the incident and improvements is planned for 13 May 2026. The incident prompted formal scrutiny from the U.S.
House Committee on Homeland Security, which is investigating two cyberattacks by ShinyHunters that affected Instructure’s Canvas platform and disrupted schools during final exams, noting tens of millions of students, educators, and administrators rely on the service and that more than 8,000 institutions were involved. The committee’s correspondence highlights that the platform serves more than 30 million active users globally, underscoring the national concern surrounding the breach. according to The U.S. House Committee on Homeland Security