The cybercriminal group ShinyHunters has struck the educational platform Canvas again on May 7, causing a massive disruption during final exams week. This is the second attack in a month, after compromising Instructure's infrastructure on April 30. Up to 275 million users had their names, emails, and private messages exposed.
Security patches that didn't stop the data leak 🔐
Instructure applied security patches after the first attack on April 30, but ShinyHunters responded with a new assault on May 7. The attackers replaced the homepages with an extortion message, giving institutions until May 12, 2026, to pay and avoid the publication of the data. The breach exposed critical information of students and teachers, including private messages.
Ransomware also hates final projects 😈
Because of course, nothing says good luck on your exams like an extortion message on the homepage. ShinyHunters decided students already had enough stress and added a bonus of digital panic. Now, while some cry over their grades, others cry over their personal data. At least the deadline to pay is in 2026, so there's time to sell the car.