Instructure confirmed that attackers exploited cross-site scripting flaws to hijack authenticated admin sessions, modify Canvas login portals, and post an extortion message. ShinyHunters claimed responsibility for the breach, saying it stole data from Instructure and targeted the Free-for-Teacher Canvas environment used by schools and educators. #Instructure #Canvas #ShinyHunters #FreeForTeacher
Keypoints
- Instructure confirmed a breach that affected its Canvas platform.
- Attackers used multiple XSS vulnerabilities to gain authenticated admin access.
- The same flaw was later used to deface Canvas login portals with an extortion note.
- The attack targeted the Free-for-Teacher environment and forced a temporary shutdown.
- ShinyHunters claimed data theft affecting thousands of educational organizations and millions of records.