:

INSTRUCTURE REACHES DEAL WITH HACKERS AFTER TWO BREACHES

SECURITY DESK2 MIN READ
TUE, MAY 12, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Canvas software maker Instructure announced an agreement with hackers who breached its systems twice, though the company offered no assurance the attackers will honor the deal or refrain from releasing stolen data.

Instructure, which provides Canvas learning management software to schools and universities worldwide, disclosed it has reached an agreement with the threat actors responsible for two separate security breaches. The company did not disclose specific terms of the deal or explain what concessions were made. In a statement, Instructure said it "reached an agreement" with the hackers but provided no guarantees regarding data protection or the attackers' future conduct. The lack of transparency raises significant questions about the effectiveness of such negotiations. Cybersecurity experts have long warned that paying or negotiating with threat actors provides no binding assurance that stolen data will be deleted or withheld from public release. Hackers can easily copy files before agreeing to terms, then distribute the information later for additional profit. Instructure serves educational institutions across multiple continents, making any data breach a concern for millions of students and staff members. The nature of the information accessed during the two breaches has not been fully disclosed. This incident highlights the difficult position organizations face when targeted by cybercriminals. Schools and universities often choose negotiation as a last resort to minimize potential harm, despite the inherent risks of dealing with attackers who operate outside legal systems. The company has not announced whether it will notify affected users about the breaches or provide details on what data was compromised. Instructure said it is working to strengthen security measures, a standard response that typically follows major incidents. The agreement comes as educational institutions increasingly face cyberattacks. Ransomware gangs and data thieves frequently target schools due to their valuable student and staff records, often combined with limited IT resources compared to larger enterprises. Users of Canvas should monitor their accounts for suspicious activity and consider changing passwords as a precautionary measure.

■ SOURCES

TechCrunch

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Australia's eSafety watchdog will investigate whether major adult websites are allowing users to bypass age verification requirements using virtual private networks (VPNs). The probe follows new regulations introduced in March requiring age checks on adult content.

1H AGOIndustry Desk

Dutch National Police have identified strong evidence that Dutch hackers were responsible for a February breach at telecommunications provider Odido. The investigation marks a significant development in the case.

1H AGOSecurity Desk

Surveillance technology company Flock Safety did not issue a cease-and-desist letter to The Saturday Salon, a Newport Beach lecture series, despite claims posted on Instagram Thursday. The incident reignites debate over the company's practices and relationship with law enforcement.

4H AGOSecurity Desk

The US Cybersecurity and Infrastructure Security Agency revealed it lacked a prepared incident response plan during a recent security event, forcing it to develop procedures in real time.

4H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.