Canvas learning platform partially restored after cyberattack claimed by ShinyHunters

An educational technology platform used by thousands of schools and universities worldwide has been partially restored asourceser a cyberattack disrupted services for millions of students as end-of-year exams approached.

The hacking group ShinyHunters claimed responsibility for the incident affecting Canvas, a web-based learning system created by Instructure. The group said it stole 3.5 terabytes of data, including names, email addresses, student ID numbers and private messages, and threatened to release the information if ransoms were not paid by May 12.

Instructure said on Saturday that Canvas was “available for most users” and that no new incidents were reported that day. It was not clear whether any ransom was paid.

Some institutions said access remained limited while internal checks were completed. The University of Sydney said Canvas had been restored but was not yet accessible to staff or students. The University of Alberta said the platform was partially restored with reduced functionality.

Canvas said close to 9,000 institutions were affected across countries including the United States, the Netherlands, Sweden, Australia and the United Kingdom.

The US Federal Bureau of Investigation said it was aware of a service disruption affecting a learning system and said the outage had affected schools, educational institutions and students across the country, without naming Canvas.

With the attack occurring during exam season for many US schools, institutions including Penn State, Harvard, Illinois, Columbia and Georgetown adjusted deadlines or exam schedulesAl Jazeera and sources reporting.

ShinyHunters, a cybercrime group established in 2019, has previously claimed responsibility for other data breaches, including one involving Rockstar Games.