ShinyHunters claim responsibility for the Instructure Canvas LMS breach, threatening to leak the entire list of affected schools unless a settlement is negotiated by May 7, 2026. They urge the affected schools to consult a cyber advisory firm and contact them privately to negotiate terms, warning that failure to pay will worsen the situation and that Instructure has not engaged with them. #Unknown
Incident Details
- Victim: Entire list of affected schools by Instructure breach
- Sector: Education
- Country:
- Actor: shinyhunters
- Source:
- Discovered: 2026-05-05T04:54:30.277730+00:00
- Published: 2026-05-05T04:54:28.929701+00:00
Information
- The download button below contains a list of affected schools from the Instructure Canvas LMS data breach.
- If any school in the file wishes to prevent release of their data, consult a cyber advisory firm and contact us privately at TOX to negotiate a settlement.
- You have until the end of the day on 7 May 2026 to prevent the leak; after that there will be no chance for negotiation.
- Instructure has not contacted us to understand the situation or to negotiate to prevent the release of this data.
- Our demand was not as high as you might expect.
- The company appears indifferent to the students and institutions affected by this breach.
- Instructure still has until 6 May 2026 to come speak with us.
- There is no better option than reaching an agreement with us.
- Not paying will only worsen the situation rather than resolve it.
- Updated: 5 May 2026.
- Warning: FINAL WARNING — PAY OR LEAK.
Disclaimer: This post is based on public claims made by the ransomware group "shinyhunters". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.