Staff Report: PNN
Educational technology service provider Instructure has reportedly suffered another cyberattack. After a recent incident involving the theft of student and teacher personal data, hackers have now defaced login pages of multiple schools on the company’s popular Canvas platform.
According to technology media reports, the notorious hacker group “ShinyHunters” displayed their message on login pages of three separate educational institutions. The message claimed that if the company does not negotiate with them, they will release the stolen data on May 12.
Analysis shows that hackers modified the structure of the login page by attaching an HTML file, allowing users to see threatening messages instead of the normal login interface.
Following the attack, users experienced access issues on Instructure’s website for some time. Many saw messages indicating “too many requests,” while Canvas displayed notices of scheduled maintenance.
Instructure has not issued any immediate official statement regarding the incident.
Earlier this week, the company had already confirmed that a cyberattack had resulted in the theft of student names, email addresses, and private messages between students and teachers. ShinyHunters also claimed responsibility for that attack.
The hacker group claims to have collected data from nearly 9,000 educational institutions worldwide, affecting about 230 million individuals, although this claim has not been independently verified.
Cybersecurity experts say ShinyHunters has been targeting organizations using a similar pattern in recent years—first stealing data, then threatening to release it to extort money.
Experts also warn that as digital platforms become more widely used in education, ensuring the security of student and teacher data is becoming a major challenge.
