{"id":211200,"date":"2026-05-08T19:25:00","date_gmt":"2026-05-08T23:25:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/08\/northeastern-says-no-accounts-compromised-in-canvas-attack\/"},"modified":"2026-05-08T19:50:07","modified_gmt":"2026-05-08T23:50:07","slug":"northeastern-says-no-accounts-compromised-in-canvas-attack-2","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/08\/northeastern-says-no-accounts-compromised-in-canvas-attack-2\/","title":{"rendered":"Northeastern Says No Accounts Compromised in Canvas Attack"},"content":{"rendered":"<p><a href=\"https:\/\/news.northeastern.edu\/2026\/05\/08\/canvas-cyberattack\/\">Northeastern Says No Accounts Compromised in Canvas Attack<\/a><\/p>\n<p><a href=\"https:\/\/news.northeastern.edu\/2026\/05\/08\/canvas-cyberattack\/\">https:\/\/news.northeastern.edu\/2026\/05\/08\/canvas-cyberattack\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-08 19:25:00<\/a><\/p>\n<p>Source Domain: <a href=\"news.northeastern.edu\">news.northeastern.edu<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>Following a cyberattack on the popular online learning platform Canvas that rattled academic institutions this week, an ongoing review of the security breach has found that no Northeastern university-affiliated usernames or passwords had been jeopardized as of Friday, university security officials said.\u00a0<\/p>\n<p>\u201cAt this time, Northeastern hasn\u2019t observed compromised university accounts or activity outside of what Instructure has publicly shared, and details related to Canvas itself remain part of the vendor\u2019s investigation,\u201d Jen Brant\u2011Gargan, Northeastern\u2019s chief information officer, told Northeastern Global News, referring to Canvas\u2019 parent company.\u00a0\u00a0<\/p>\n<p>\u201cThis was a security incident affecting a widely used third\u2011party platform across higher education,\u201d Brant\u2011Gargan added. Northeastern cybersecurity officials said the university had not so far received any information specific to Northeastern from Instructure.<\/p>\n<p>Close to 9,000 schools and universities across the country were locked out of course materials on Thursday after Canvas was hit by a cybersecurity incident, in which the hackers demanded a settlement.\u00a0<\/p>\n<p>The notorious hacker group ShinyHunters, which has executed data breaches on the likes of Ticketmaster, Amtrak and Rockstar Games, has claimed responsibility for Thursday\u2019s Canvas attack.\u00a0<\/p>\n<p>The web-based learning management system allows educators to host course content and grade assignments and share discussion boards with students.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0<\/p>\n<p>The attacks come at a time when schools are increasingly becoming targets for data breaches. According to a report from SentinelOne, an American cybersecurity firm, ransomware attacks \u201cacross the education sector surged by 69% from 2024 to 2025.\u201d<\/p>\n<p>Among the biggest cybersecurity stories last year was the breach of PowerSchool, the educational software provider that services more than 60 million students worldwide.\u00a0\u00a0<\/p>\n<p>The hack also comes days after Instructure, Canvas\u2019s corporate parent company, disclosed in early May that its systems had been hacked \u201cby a criminal threat actor\u201d at the end of last month.\u00a0\u00a0<\/p>\n<p>At the time, the company said it had \u201ccontained\u201d the situation, noting that hackers had exploited a vulnerability in its Free-For-Teachers service, which allows educators to create their courses on Canvas independent of their institution.\u00a0\u00a0\u00a0\u00a0\u00a0<\/p>\n<p>But in a message posted Thursday on Canvas, the alleged culprits said the company\u2019s methods didn\u2019t work.\u00a0<\/p>\n<p>Engin Kirda, professor in Northeastern\u2019s Khoury College of Computer Sciences and College of Engineering, said these types of attack are becoming increasingly more common. Photo by Ruby Wallau\/Northeastern University<\/p>\n<p>\u201cShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some security patches,\u201d the message read, before adding that the company had until the end of day on May 12, 2026, to negotiate a settlement \u201cbefore everything leaks.\u201d\u00a0<\/p>\n<p>In the April breach of the Free-for-Teacher service the hacker group claimed to have stolen names, email addresses, student ID numbers, and private messages between teachers and students.\u00a0\u00a0<\/p>\n<p>On Friday, Instructure said it had addressed the issue and temporarily shut down its service, and access had been restored to users.\u00a0<\/p>\n<p>Northeastern\u2019s Office of Information Security, which manages information security across the university\u2019s campuses, first learned that Instructure had suffered a ransom attack about a week ago, officials said.\u00a0<\/p>\n<p>On Thursday, attackers allegedly defaced the Canvas login page, according to Northeastern security officials. In response, Instructure redirected the Canvas login traffic to a maintenance page, temporarily taking the service offline for users nationwide.\u00a0\u00a0<\/p>\n<p>Northeastern responded separately by disconnecting its \u201csingle sign-on integration,\u201d an authentication system that lets users access multiple applications with one set of university credentials, with Canvas. Doing so effectively severed the university\u2019s authentication connection to the platform to prevent any further exposure to the compromised system.\u00a0<\/p>\n<p>While Canvas was offline, Northeastern investigators also monitored for \u201canomalous activity,\u201d including spikes in login attempts or unusual authentication behavior, to determine whether any university credentials had been compromised, university officials said.\u00a0<\/p>\n<p>The university is still conducting its own review of the incident alongside Instructure and third-party forensic responders.<\/p>\n<p>Northeastern\u2019s cybersecurity protocol includes systems that scan university-owned devices and networks across all 14 campuses for vulnerabilities, malware, ransomware and other risks. The university also employs a 24\/7 Security Operations Center and fulltime security teams that continuously watch for unusual behavior, such as strange login attempts or abnormal software activity, so that they can respond quickly if something seems suspicious, officials said.\u00a0<\/p>\n<p>Those protections are especially important in third-party breaches because the biggest danger often comes after the initial hack, if attackers are able to use the compromised platform or data they stole to attack other systems. This includes login systems, email accounts, cloud storage or other networks that process sensitive data, officials said.\u00a0<\/p>\n<p>Northeastern officials are looking to expand cybersecurity protections by expanding security coverage to more specialized systems and tightening network controls to reduce exposure to future attacks, university officials said.\u00a0<\/p>\n<p>Engin Kirda, a Northeastern professor of computer science and engineering, said in general ransomware attacks have become extremely popular in the past decade because \u201cthey are effective and work.\u201d\u00a0<\/p>\n<p>\u201cThese attacks can be extremely profitable,\u201d he said, noting that oftentimes companies end up paying the ransom to get their systems back up online. \u201cIt\u2019s the reason we keep seeing them.\u201d\u00a0<\/p>\n<p>Hackers are able to execute ransomware attacks by exploiting vulnerabilities in a company\u2019s system or by gaining access to someone\u2019s login credentials, often by using nefarious means.\u00a0<\/p>\n<p>In the case of Canvas, the Free for Teachers service account likely has \u201cvery light verification,\u201d he said, making it easy to exploit.\u00a0<\/p>\n<p>\u201cThe ransom angle comes from what they can reach once inside,\u201d Kirda said. \u201cStudent records, grades, course content, and personally identifiable information all have value. Attackers typically threaten to publish stolen data, and in some cases encrypt parts of the system, then demand payment to stop the leak or restore access.\u201d<\/p>\n<p>While he said companies tend to have defenses in place to prevent these types of attacks from happening, sometimes these systems fail.\u00a0\u00a0\u00a0<\/p>\n<p>And those failures can be costly.\u00a0<\/p>\n<p>\u201cWhat we are actually seeing here is that we are really dependent on some services because the internet for us now is critical infrastructure,\u201d he said.\u00a0<\/p>\n<p>What can individuals do to keep their own information safe? University officials have offered tips:<\/p>\n<p>Verify that emails and login pages come from legitimate senders and official university-related domains before clicking links or entering credentials.<\/p>\n<p>Hover over links and closely inspect URLs to make sure they direct to trusted websites rather than spoofed or suspicious pages.<\/p>\n<p>Never share passwords or sensitive personal information through email, especially in unsolicited or urgent-looking messages.<\/p>\n<p>Be wary of phishing tactics that create a false sense of urgency or use email addresses designed to mimic legitimate organizations.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Northeastern Says No Accounts Compromised in Canvas Attack https:\/\/news.northeastern.edu\/2026\/05\/08\/canvas-cyberattack\/ Publish Date: 2026-05-08 19:25:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":211201,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/news.northeastern.edu\/wp-content\/uploads\/2026\/05\/050826_AS_Cyber_Secturity_Stock_020.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,31,35,32,25,34,27],"class_list":["post-211200","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-exploit","tag-hacker","tag-malware","tag-phishing","tag-threat-actor","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211200"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=211200"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211200\/revisions"}],"predecessor-version":[{"id":211204,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211200\/revisions\/211204"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/211201"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=211200"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=211200"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=211200"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}