A hacker claiming to be the ShinyHunters extortion gang says they stole 280 million records tied to students and staff from 8,809 colleges, school districts, and online education platforms using Instructureβs Canvas export features. Instructure is investigating while universities issue statements, the attacker published institution-level record counts and BleepingComputer and others seek independent verification. #ShinyHunters #Instructure
Keypoints
- ShinyHunters claims to have stolen 280 million records from 8,809 educational institutions.
- Exposed data reportedly includes names, email addresses, private messages, and enrollment information.
- The attacker says data was extracted using Canvas export features such as DAP queries, provisioning reports, and user APIs.
- Instructure is investigating the breach while affected universities are issuing statements and assessing impact.
- The threat actor published per-institution record counts and claimed hundreds of gigabytes of harvested data, but independent verification is pending.