'%2F%3E%0A%20%20%20%20%3Crect%20width%3D'1600'%20height%3D'900'%20fill%3D'url(%23v)'%2F%3E%0A%20%20%20%20%3Cg%20opacity%3D'0.08'%20fill%3D'%23ffffff'%3E%0A%20%20%20%20%20%20%3Ccircle%20cx%3D'1420'%20cy%3D'180'%20r%3D'220'%2F%3E%0A%20%20%20%20%20%20%3Ccircle%20cx%3D'1500'%20cy%3D'760'%20r%3D'120'%2F%3E%0A%20%20%20%20%3C%2Fg%3E%0A%20%20%20%20%3Cline%20x1%3D'80'%20y1%3D'172'%20x2%3D'220'%20y2%3D'172'%20stroke%3D'%23ffffff'%20stroke-width%3D'3'%20stroke-opacity%3D'0.6'%2F%3E%0A%20%20%20%20%3Ctext%20x%3D'80'%20y%3D'140'%20font-family%3D'Inter%2C%20-apple-system%2C%20Helvetica%2C%20sans-serif'%20font-weight%3D'700'%20font-size%3D'28'%20fill%3D'%23ffffff'%20letter-spacing%3D'6'%3EHANNA%20%C2%B7%20NEWS%3C%2Ftext%3E%0A%20%20%20%20%3Ctext%20x%3D'80'%20y%3D'230'%20font-family%3D'Inter%2C%20-apple-system%2C%20Helvetica%2C%20sans-serif'%20font-weight%3D'600'%20font-size%3D'40'%20fill%3D'%23ffffffb3'%20letter-spacing%3D'4'%3ETECH%3C%2Ftext%3E%0A%20%20%20%20%3Ctext%20x%3D'80'%20y%3D'622'%20font-family%3D'Playfair%20Display%2C%20Georgia%2C%20serif'%20font-weight%3D'800'%20font-size%3D'86'%20fill%3D'%23ffffff'%20letter-spacing%3D'-1'%3ECanvas%20Breach%20Exposes%20Over%3C%2Ftext%3E%3Ctext%20x%3D'80'%20y%3D'721'%20font-family%3D'Playfair%20Display%2C%20Georgia%2C%20serif'%20font-weight%3D'800'%20font-size%3D'86'%20fill%3D'%23ffffff'%20letter-spacing%3D'-1'%3E275%20Million%20Student%20and%3C%2Ftext%3E%3Ctext%20x%3D'80'%20y%3D'820'%20font-family%3D'Playfair%20Display%2C%20Georgia%2C%20serif'%20font-weight%3D'800'%20font-size%3D'86'%20fill%3D'%23ffffff'%20letter-spacing%3D'-1'%3EFaculty%20Records%3C%2Ftext%3E%0A%20%20%20%20%3Ctext%20x%3D'80'%20y%3D'870'%20font-family%3D'Inter%2C%20-apple-system%2C%20Helvetica%2C%20sans-serif'%20font-weight%3D'500'%20font-size%3D'22'%20fill%3D'%23ffffff66'%20letter-spacing%3D'2'%3Enews.hanna-ai.com%3C%2Ftext%3E%0A%20%20%3C%2Fsvg%3E)
A ransomware attack on the Canvas learning-management platform locked out millions of users and exposed hundreds of millions of records [1].
This breach disrupts the primary digital infrastructure for thousands of educational institutions, placing the sensitive personal data of students and faculty at risk of exploitation.
The lockout began on May 7, 2026 [2], affecting universities and colleges across the U.S. and Canada [3]. The hacker group ShinyHunters claimed responsibility for the attack, demanding a ransom and threatening to sell or release stolen data [4].
Reports indicate that over 275 million student and faculty records may have been compromised [5]. The scale of the breach impacted millions of students who were unable to access their coursework and academic materials [1].
Instructure, the parent company of Canvas, negotiated with the attackers to resolve the crisis. While some reports state a deal was reached to ensure the hackers delete the stolen data [4], other sources said the company paid the ransom [5]. The exact amount of any payment was not disclosed.
Following the incident, the U.S. Congress called the CEO of Instructure to testify as part of an investigation into the breach [3]. The investigation seeks to determine how the security failure occurred and why the platform's defenses were unable to prevent the lockout.
“Over 275 million student and faculty records may have been compromised”
The scale of this breach underscores the vulnerability of centralized educational software. By targeting a single platform used by thousands of institutions, attackers can create massive leverage, forcing companies to choose between paying ransoms or facing global academic paralysis and the leak of millions of records belonging to minors and adults.
