ShinyHunters has claimed responsibility for a prolonged attack on Instructure’s Canvas platform, threatening to leak stolen data after disrupting access for schools nationwide and defacing login pages. The incident exposed sensitive user and enrollment information across thousands of education systems, prompting scrutiny from lawmakers and renewed concerns about third-party vendor risk. #ShinyHunters #Instructure #Canvas
Keypoints
- ShinyHunters claimed to steal 3.65 terabytes of data from Canvas.
- Canvas was taken offline after login page defacement and other malicious activity.
- The incident disrupted access for schools, students, and teachers nationwide.
- Exposed data included usernames, email addresses, course names, enrollment information, and messages.
- The House Homeland Security Committee requested a briefing from Instructure by May 21.
Read More: https://cyberscoop.com/canvas-instructure-data-theft-extortion-the-com/