Monday, July 6, 2026
HomeDomestic"Canvas Parent Company Resolves Cyber Breach"

“Canvas Parent Company Resolves Cyber Breach”

In a recent development, the company responsible for Canvas, a popular educational platform that connects students with their academic institutions, has reached an agreement with the hacking group that conducted a significant cybersecurity breach last week. Instructure, the parent company, announced the deal in a statement released online on Monday evening.

As part of the agreement, Instructure confirmed that the compromised data has been returned and provided digital verification of its destruction through “shred logs.” The company also assured that none of its customers would be subjected to extortion as a result of the breach. Instructure emphasized that individual customers do not need to engage with the unauthorized actor involved in the incident.

The hacking group, known as ShinyHunters and previously linked to breaches at Ticketmaster and Google’s Salesforce database, promptly claimed responsibility for the cyberattack. They stated that they had accessed personal information from 275 million individuals and threatened to expose the stolen data unless a ransom was paid.

In response, a representative of ShinyHunters informed Reuters that the data had been permanently deleted, and there would be no further targeting or demands for payment from the company or its customers. However, specific details of the agreement between Instructure and the hacking group were not disclosed, including whether any payment was involved.

Canvas is widely used by educators to share course materials, conduct assessments, and communicate with students. It is utilized by various academic institutions, including the University of Alberta, University of Toronto, and University of British Columbia in Canada.

Luke Connolly, a threat intelligence analyst at Emsisoft, cautioned against paying ransoms following data breaches, as it can incentivize criminals to continue their activities. David Shipley, CEO of Beauceron Security, echoed this sentiment, emphasizing the responsibility of companies like Instructure to safeguard user data.

Instructure acknowledged the uncertainty surrounding the breach and reiterated its commitment to prioritizing the security of its user community. The company stated that forensic analysis of the breach is ongoing, with regular updates planned to inform users about the progress of the investigation.

RELATED ARTICLES

Most Popular