Back

Instructure Data Breach: ShinyHunters Claims Responsibility for Major Cyberattack

Severity: High (Score: 69.8)

Sources: Bleepingcomputer

Summary

Instructure, the education technology firm behind Canvas, confirmed a significant data breach on May 3, 2026, attributed to the ShinyHunters extortion gang. The breach exposed personal information of nearly 275 million individuals across approximately 9,000 institutions worldwide, including names, email addresses, and student ID numbers. ShinyHunters claimed responsibility, stating that the data was stolen through a vulnerability in Instructure's systems, which has since been patched. The stolen data reportedly includes billions of private messages among users, raising concerns about the privacy of conversations. Instructure is currently collaborating with third-party cybersecurity experts and law enforcement to investigate the incident and has implemented measures such as increased monitoring and application key rotations. As of now, no evidence suggests that passwords or financial information were compromised. The company has not disclosed when the breach occurred or if they are being extorted. The situation remains under investigation, with updates expected as more information becomes available. Key Points: • Instructure confirmed a data breach affecting 275 million individuals across 9,000 institutions. • ShinyHunters claimed responsibility, exploiting a vulnerability that has now been patched. • No evidence of compromised passwords or financial data has been found so far.

Key Entities

  • Data Breach (attack_type)
  • Infinite Campus (company)
  • Instructure (company)
  • PowerSchool (company)
  • Education (company)
  • Salesforce (company)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed