Major Data Breach at Canvas Affects 275 Million Users

Major Data Breach at Canvas Affects 275 Million Users

First seen 3 May 2026, 22:46 UTC BleepingcomputerCybernewsNews.AzStudentnews.Manchester.Ac.UkGbhackers+406 85% similarity 71.0

Article Content

Browse articles
ThreatCluster

Instructure, the company behind the Canvas learning management system, confirmed a significant data breach involving the ShinyHunters hacking group. The attackers claim to have stolen over 3.65TB of data, potentially impacting up to 275 million users, including students, teachers, and staff from nearly 9,000 institutions worldwide. The exposed information includes names, email addresses, student ID numbers, and private messages, although there is no evidence that passwords or financial data were compromised. Instructure is currently working with cybersecurity experts and law enforcement to investigate the breach and has implemented security measures, including patching vulnerabilities and increasing monitoring. The attackers have threatened to leak the data unless their demands are met, with a deadline set for May 6, 2026. The incident highlights the growing trend of cyberattacks targeting educational technology firms, which hold vast amounts of personal information.

Key Points: • Instructure confirmed a data breach affecting 275 million users of Canvas LMS. • ShinyHunters claims to have stolen over 3.65TB of data, including sensitive user information. • Instructure is investigating the breach and has implemented security measures to mitigate impact.

ThreatCluster AI

Timeline

2026-05-01
Instructure discloses a cybersecurity incident.
2026-05-03
ShinyHunters claims responsibility and threatens to leak data.
2026-05-04
Instructure confirms the breach and outlines affected data.

Community

Browse all →