Thousands of students across the United States faced sudden disruption this week after the popular learning platform Canvas went offline following a major cyberattack during the peak final exam season.
The outage affected several major universities, including Harvard University, University of Michigan and Pennsylvania State University, leaving students unable to access assignments, grades, coursework and online exams for several hours.
Canvas is operated by Instructure and is widely used by schools and colleges around the world for online learning management.
Hackers Claim Massive Student Data Access
Cybercrime group ShinyHunters claimed responsibility for the attack and alleged that data linked to nearly 9,000 educational institutions worldwide had been compromised.
According to reports, the hackers claimed they accessed information connected to nearly 275 million individuals, including students, teachers and university staff. The group reportedly threatened to leak the data if ransom demands were not negotiated within a specified deadline.
However, Instructure stated that its investigation found no evidence that highly sensitive information such as passwords, banking details, government identification numbers or birth dates were exposed.
The company said the accessed information may include names, email addresses, student identification numbers and messages exchanged between Canvas users.
Platform Restored After Hours of Disruption
By May 8, Canvas services had largely returned to normal operations. Instructure confirmed that the platform was back online and accessible for most users after technical teams worked to stabilize the system.
During the disruption, many students reported difficulty logging into accounts and accessing coursework at a critical academic period when universities were conducting spring semester examinations and assignment submissions.
The company said affected institutions had already been informed about the security issue and were advised to guide students and staff on precautionary steps.
Students Warned About Phishing Risks
Cybersecurity experts are now warning students and university employees to remain alert for possible phishing attempts and scam emails related to the incident.
Users have been advised to avoid clicking suspicious links, monitor unusual account activity and enable multi-factor authentication wherever possible. Experts also recommend changing passwords on other accounts if the same credentials were used for Canvas logins.
The incident has once again raised concerns about the growing number of cyberattacks targeting educational institutions and online learning platforms that store large volumes of student data.
Growing Threat to Education Platforms
The attack highlights how universities and digital education systems are becoming major targets for organized cybercrime groups due to the enormous amount of personal and academic data stored online.
With online learning now deeply integrated into education systems worldwide, cybersecurity experts say institutions may face increasing pressure to strengthen protection against ransomware attacks and large-scale data breaches.
Check: Did Hackers Just Steal Data From 275 Million Canvas Users?.
