Sedona Sweginnis | Newsroom Manager & Head Editor
May 22, 2026
On Thursday, May 7th of this year, the education management program, Canvas, was hacked by a group known as ShinyHunters. The platform’s parent company, Instructure, put the website in maintenance mode immediately following the hack, effectively blocking the website’s roughly 275 million users from accessing their school materials, while Instructure worked on diffusing the information leak that ShinyHunters had threatened. Although this hack created obvious immediate challenges by rendering the application temporarily useless during exam season, the truly frightening nature of it lies in its broader implications. Near endless amounts of sensitive data have been moved from analogue to digital platforms, implying that such disruptive digital piracy will continue to plague society so long as there are hackers willing to search for ways to exploit these online databases.
ShinyHunters, the hacking group linked with these breaches, has also been linked to recent data breaches at several Ivy League universities, a 2024 hack on Ticketmaster, and one other smaller attack on Canvas only a few days prior to the major one. Instructure disregarded the first attack and performed some minor “security patches,” leading ShinyHunters to launch a more comprehensive attack that would force the attention they were seeking.
In the second attack, the group reached out to Instructure, claiming to have harvested startling amounts of sensitive information and demanding a ransom payment in exchange for ShinyHunters abandoning its next step of selling off its recently attained data on the dark web. Furthermore, through the numerous emails attained in the breach, ShinyHunters sent out emails to many Canvas users requesting ransom in exchange for the ensured privacy of their information.
The FBI quickly became involved with this large-scale domestic breach, advising all Canvas users to refrain from engaging with the hackers in any way while they worked with Instructure to formulate a plan for effectively ensuring their users’ privacy. The very next day, May 8th, the website was mostly running smoothly again. A deal was said to be brokered between Instructure and ShinyHunters on May 11th, one day before the deadline that was presented by the hackers. It appears Instructure opted to pay the ransomware in order to ensure their users’ privacy, leading to an ambiguous announcement regarding an agreement with the “unauthorized actor” and the discontinuation of Free-For-Teacher accounts.
Although opting to pay the ransomware will likely preserve the personal information’s privacy for the time being, hacking groups can be largely unreliable and the concern of what they may do with the information they harvested in the future remains prevalent. Additionally, opting to appease the ransom will only encourage similar actions by hacking groups in the future. Education platforms, such as Canvas, embed countless amounts of pertinent information about their users, making them clear targets for hacking groups. The future of crime appears to be pioneering the digital trail, forcing companies that house major online databases, especially schools and hospitals, to retrace their steps and fortify their online protections to prevent their users from a similar fate to those of Canvas.
Canvas is one of the most widespread learning management systems in North America, with almost half of higher education institutions in this region utilizing it. The platform has 275 million users from nearly 9,000 institutions, revealing the vast expanse of information stored within the site and the many people that were affected by its temporary shutdown.
Many users became frantic at the dawn of the shutdown, which occurred during the spring finals season. Many students were concerned about their lack of access to their study materials that were housed on Canvas while many administrators even postponed exams, fearing the site would not be available to exam administration in the days that would follow the shutdown. However, not all users experienced immediate negative impacts from the attack. Some students were relatively unaffected, such as SCHS junior Luisa D’Acosta who expressed that “it didn’t really affect [her]” because she was using resources outside of Canvas to study for her AP U.S. History exam the next day, leading her to “barely [notice] it happened.” Others, including junior Emma Burke, were even grateful for the extensions granted by the hack. Burke noted that one of her classes was given a much-appreciated “extra three days to finish” their project as they “weren’t able turn it in” on Thursday.
Overall, no matter the immediate effects, this hack produced startling lasting implications. We live in an ever-digitizing world that is showing no signs of slowing down, meaning cyber attacks, such as this one, will likely only become more common. Rather than just an anomaly, this hack must be taken as a serious warning for all digital companies to be vigilant and strengthen their digital protections to protect the privacy of their users moving into the future.
Leave a Reply