Harvard Canvas Site Goes Down After University Listed in Instructure Breach
The Harvard Crimson • • general
Key Points:
- Harvard students lost access to the Canvas platform on Thursday afternoon after the cybercriminal group ShinyHunters claimed to have breached Instructure, Canvas’ parent company, and listed Harvard among thousands of affected schools.
- The Canvas site for Harvard initially redirected users to a message from ShinyHunters around 3:30 p.m., which later changed to a scheduled maintenance notice by 4:20 p.m., with both the web and mobile app inaccessible by 4:30 p.m.
- ShinyHunters accused Instructure of ignoring their outreach and demanded that affected schools negotiate a settlement by May 12 to avoid data leaks, though it remains unclear what specific Harvard affiliate information was compromised.
- Harvard University’s Information Technology department confirmed awareness of the incident and stated they are actively investigating, promising updates on the situation.
- ShinyHunters initially announced the breach on Sunday, claiming to have stolen data from 275 million affiliates across 9,000 schools, with a prior deadline of May 6 for responses to their demands.
