Instructure Pays Ransom to Canvas Hackers
Inside Higher Ed • • nation
Key Points:
- Instructure paid a ransom to the cybercriminal group ShinyHunters after the gang twice hacked its Canvas learning management system, affecting approximately 275 million users from over 8,800 institutions.
- The ransom deal included digital confirmation from the hackers that the stolen data was destroyed and assurances that no customers would face extortion related to the incident.
- The breaches caused significant service disruptions during a critical academic period, leading many universities to postpone exams and assignment deadlines as Canvas access was temporarily disabled.
- ShinyHunters had initially demanded a ransom by May 6 and issued a second threat with a May 12 deadline after Instructure attempted security patches instead of paying immediately.
- Instructure’s CEO acknowledged communication shortcomings during the crisis and pledged to provide more consistent updates moving forward while continuing forensic analysis and security improvements.