Hackers target Instructure's Canvas, demand ransom by May 12

other · 2026-05-08

The cybercriminal organization known as ShinyHunters has altered login pages for various schools throughout the United States, specifically aiming at Instructure's Canvas learning management system. They have given Instructure until May 12 to engage in ransom negotiations. This attack has put both student and faculty information at risk, transforming online classrooms into lucrative data targets. The incident has impacted a wide range of educational institutions across the country, heightening worries regarding cybersecurity within digital education platforms.

Key facts

ShinyHunters defaced login pages at schools nationwide.
May 12 deadline set for Instructure to negotiate ransom.
Targeted Instructure's Canvas learning management system.
Compromised student and faculty data.
Cybercrime group turned online classrooms into a data goldmine.
Attack affected numerous educational institutions across the US.
Raises concerns about cybersecurity in digital education.
Instructure is the company behind Canvas.

Entities

Institutions

Instructure
ShinyHunters

Locations

United States

Sources

Quartz — 2026-05-08
Wired Design — 2026-05-08