Canvas hack: Company strikes deal with hackers after massive cyber breach hits universities
Canvas hack: Company strikes deal with hackers after massive cyber breach hits universities
https://www.cbc.ca/news/canada/canvas-cyberhack-deal-9.7195425
Publish Date: 2026-05-12 13:46:00
Source Domain: www.cbc.ca
Using an unordered list, summarize the following article with between 4 and 8 key points. Listen to this articleEstimated 4 minutesThe audio version of this article is generated by AI-based technology. Mispronunciations can occur. We are working with our partners to continually review and improve the results.The parent company behind Canvas, a widely used learning management platform connecting students with their schools or universities, has struck a deal with the hacking group claiming responsibility for last week’s massive cybersecurity breach. “Instructure reached an agreement with the unauthorized actor involved in this incident,” the company said in statement posted online late Monday. As part of the deal, the company said the impacted data was returned and that it had also received digital verification the data was destroyed (via “shred logs”). Instructure said it received an assurance that none of its customers would be extorted “as a result of this incident, publicly or otherwise” and specified that “there is no need for individual customers to attempt to engage with the unauthorized actor.”No further details about the deal were disclosed, including whether it involved payment.A hacker group called ShinyHunters, previously tied to breaches at Ticketmaster and Google’s Salesforce database, quickly claimed responsibility for the cyberattack last week. The group claimed it had compromised the personal info of 275 million people and had threatened to publicly release the stolen data — full names, email addresses, student numbers and personal messages, according to Instructure — unless paid an undisclosed sum.In an online message, a ShinyHunters representative told Reuters the “data is deleted, gone. The company and its customers will not further be targeted or contacted for payment by us.” The rep declined to answer specific questions about the agreement.At schools and universities, instructors use Canvas to share a wide range of material with students, from course notes to media to exams. They might also use it to communicate and share grades or other updates, while students at some institutions also use the platform to submit their assignments. Canadian users include University of Alberta, University of Toronto and University of British Columbia. WATCH | Threat intelligenct analyst outlines Canvas breach:There’s a data breach at Canadian schools. What do we know?Canvas, a program used by postsecondary schools across Canada, has been hit by hackers. A group called ShinyHunters is claiming responsibility — and asking for a ransom. Emsisoft threat intelligence analyst Luke Connolly lays out what we know.Luke Connolly, an Ottawa-based threat intelligence analyst at cybersecurity firm Emsisoft, discourages paying ransoms after data breaches, which he says sets off a cascade effect. “It encourages the criminals to continue to look for new victims,” he said in an interview with CBC News. “The payments actually fund their development of new techniques [to exploit others].”In the case of the early 2025 PowerSchool cyberattack that impacted K-12 school boards across Canada and abroad, an initial ransom demand to the learning management platform’s parent company was followed by extortion demands at individual school boards mere months later.David Shipley, CEO of Fredericton-based Beauceron Security, expressed sympathy for those facing the “awful choice” of paying a ransom after a cybersecurity breach, but he also strongly discourages payment. While Instructure is a victim in this case, Shipley told CBC News, “at the end of the day, they were the custodians for this data and they have that responsibility to protect it.”WATCH | Your data was exposed in a cyber breach. What’s next?:Caught in a data breach? 3 tips for what to do nextCybersecurity expert Robert Falzon, Canadian head of engineering at Check Point Software Technologies, shares his top three tips of what students and staff impacted by the Canvas cyber incident should be doing next.Instructure itself acknowledged the continued uncertainty of the ongoing, “unsettling situation” and said protecting its community of users remains its top priority.”While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible,” Instructure said. The company says forensic analysis of the breach is ongoing by experts, and it vowed to continue with regular updates about their findings.
