:

CANVAS DOWN AS SHINYUNTERS THREATENS DATA LEAK

INDUSTRY DESK2 MIN READ
THU, MAY 7, 2026

■ AI-SUMMARIZED FROM 5 SOURCES ▸ TIMELINE

Canvas, the widely-used learning management platform owned by Instructure, went offline after confirming a major data breach affecting student records. The hacking group ShinyHunters claimed responsibility and threatened to leak the compromised data.

Canvas experienced an outage on Thursday as the platform dealt with fallout from a confirmed security breach. The incident exposed student names, email addresses, ID numbers, and private messages across multiple institutions. ShinyHunters, the hacking collective behind the attack, posted a message to users attempting to access the system. The group claimed that Instructure ignored their breach notification and instead opted to apply "security patches" rather than engage in direct communication. According to ShinyHunters' statement, the group threatened to leak data from schools using the platform if their demands were not met. The specific nature of those demands remained unclear, though the message suggested Instructure's response fell short of expectations. Canvas serves thousands of educational institutions globally, making the breach a significant incident affecting students and faculty across multiple schools. The platform is essential infrastructure for many organizations, handling course materials, assignments, grades, and communications. Instructure has not yet released a comprehensive public statement detailing the scope of the breach, the number of affected institutions, or their response timeline. The outage represents both a technical disruption and a security crisis that will likely prompt increased scrutiny of the company's data protection practices. This marks another incident in a pattern of breaches affecting educational technology providers. Schools and students now face potential identity theft risks from the exposed personal information, including ID numbers that could facilitate fraud. The situation highlights ongoing tensions between security researchers and large technology companies over breach disclosure and remediation processes. ShinyHunters' criticism of Instructure's handling suggests a breakdown in communication during the incident response phase.

■ SOURCES

The VergeBleeping ComputerHacker NewsWiredTechmeme

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Grok CLI experienced a critical bug that caused it to upload entire home directories to Google Cloud Storage. The issue sparked significant discussion in the developer community about data handling practices.

JUST NOWIndustry Desk

Aylo, Pornhub's parent company, will restore access to the site in the UK through Apple's device-level age verification system in iOS 26.4. The move requires users to complete age verification before accessing the platform.

1H AGOIndustry Desk

Australia's eSafety Commissioner has identified significant gaps in how major tech platforms address online sexual extortion. Young men are reporting sextortion at higher rates than any other demographic, with over 2,000 complaints filed in just six months.

1H AGOIndustry Desk

Angelo Martino, a ransomware negotiator, was sentenced to 70 months in prison for colluding with attackers to defraud victims. Martino helped orchestrate scams that extracted over $75 million from ransomware victims.

1H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.