On Thursday, a significant number of students throughout the U.S. experienced disruptions to the Canvas learning platform as various universities look into a cybersecurity incident impacting several institutions.
Canvas, a cloud-based tool used by schools to handle coursework, grades, and communication, faced a critical outage. This happened at a particularly inconvenient time for many universities, as final exams were underway.
The platform supports countless educational bodies nationwide, and any extended disruption poses risks to exams and deadlines. There’s an underlying concern that sensitive student information might be at risk, assuming the hackers’ claims have merit.
Alicia Acuña shared that her son, a college student in Florida, encountered messages popping up on his computer screen during an exam. This incident underscores the kind of confusion students are grappling with at such a pivotal moment in their academic journeys.
A message surfaced on some users’ dashboards, allegedly from the cybercrime group ShinyHunters, asserting responsibility for the disruption. They mentioned having “infiltrated Instructor (again),” the company behind Canvas. The message urged affected institutions to “negotiate a settlement” to keep the data from being made public, setting a deadline of May 12, 2026.
University officials have acknowledged the problem and are actively working to restore access. At the University of Pennsylvania, administrators informed faculty and students that they are “actively investigating” the situation and collaborating with industry experts to restore Canvas functionality quickly. They also mentioned that this issue extends beyond their institution, affecting multiple schools.
A Maryland school district advised families and teachers to avoid the platform. Anne Arundel County Public Schools blocked access to Canvas after spotting unusual activity, instructing users not to log in or enter any credentials on any interface, as noted in a message reported by Fox News Digital.
Instructor stated on its status page that they are “currently investigating this issue.” Previous updates indicated that a cybersecurity incident had been identified recently, and they are partnering with outside experts.
ShinyHunters claimed that they used Canvas to access data tied to numerous schools. They allegedly acquired user information like names, email addresses, and student IDs, although Instructure stated there was no evidence of compromised passwords or financial information.
Reports from student publications, such as the Daily Pennsylvanian and Duke’s The Chronicle, indicated that the curious message about the cyber incident briefly appeared on Canvas before being replaced by an announcement about “routine maintenance.”
ShinyHunters is recognized for its history of high-profile data breaches, having previously targeted educational and technology organizations, including universities and associated vendors in recent months.
The complete impact of this disruption and whether any data has been accessed or released remains unverified.
