THE US House Committee on Homeland Security has asked Instructure to brief them on the recent cyberattacks that disrupted Canvas, the online learning platform used by millions. An initial intrusion on 29 April disrupted tools relying on API keys, with services restored by 3 May before being taken offline again on 7 May after hackers returned and defaced school login portals.
The attack was claimed by the extortion group ShinyHunters, which allegedly stole 3.65 terabytes of data from about 9,000 educational institutions, affecting the personal information of around 275 million students, teachers and other individuals. Instructure later said it struck a deal to have the stolen data returned and erased from the hackers’ servers, and noted that an issue with Free-For-Teacher accounts was exploited in both intrusions.
The Committee’s letter requests details on how the intrusions occurred, what data were affected, how the company contained the threat, and how it coordinated with federal law enforcement and CISA, highlighting that Canvas serves more than 30 million active users globally across over 8,000 institutions.