{"id":212233,"date":"2026-05-11T16:41:00","date_gmt":"2026-05-11T20:41:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/11\/wake-county-schools-restore-canvas-access-after-nationwide-ransomware-attack-wral-com\/"},"modified":"2026-05-11T16:50:12","modified_gmt":"2026-05-11T20:50:12","slug":"wake-county-schools-restore-canvas-access-after-nationwide-ransomware-attack-wral-com","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/05\/11\/wake-county-schools-restore-canvas-access-after-nationwide-ransomware-attack-wral-com\/","title":{"rendered":"Wake County schools restore Canvas access after nationwide ransomware attack :: WRAL.com"},"content":{"rendered":"

Wake County schools restore Canvas access after nationwide ransomware attack :: WRAL.com<\/a><\/p>\n

https:\/\/www.wral.com\/news\/education\/wake-county-schools-restore-canvas-access-may-2026\/<\/a><\/p>\n

Publish Date: 2026-05-11 16:41:00<\/a><\/p>\n

Source Domain: www.wral.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

\t\t\t\t\t\t\tThe Wake County Public School System on Monday has restored access to Canvas for students and staff.<\/p>\n

\t\t\t\t\t\t\tA message on the school district’s website states, “Staff and students should once again be able to access Canvas through WakeID once they reboot their devices.”<\/p>\n

\t\t\t\t\t\t\tStudents and staff were unable to use Canvas last week after a cyber security incident. Canvas is used for lesson plans, school assignments, and communication between teachers and students.<\/p>\n

\t\t\t\t\t\t\tLast week, ransomware targeted Canvas. The attack impacted school districts and universities across the country. Wake County notified families and restricted access to the site on school-issued devices.\u00a0<\/p>\n

\t\t\t\t\t\t\tEducation technology company Instructure said it restored Canvas on Friday, a day after the hack.<\/p>\n

\t\t\t\t\t\t\tInstructure briefly took Canvas down on May 7 but restored it on May 8 for all but the free version.<\/p>\n

\t\t\t\t\t\t\tMany North Carolina schools have waited to restore access to Canvas after the second breach on May 7 showed some system features had been taken over by the hackers, on top of data merely being accessed. An initial hack happened on April 29.<\/p>\n

\t\t\t\t\t\t\t‘Pay for leak’ scams like Canvas breach are increasingly common, experts say<\/p>\n

\t\t\t\t\t\t\tThe scammers behind an attack of widely used education software are using an increasingly common “pay or leak” tactic among hackers to pressure victims to pay ransoms, though cybersecurity experts continue to discourage paying ransoms in spite of any new scare tactics.<\/p>\n

\t\t\t\t\t\t\tScammers are often untruthful about who they are and about the risk posed by the data they claim to have access to, experts say.<\/p>\n

\t\t\t\t\t\t\tInstructure announced last week its signature Canvas learning management platform — used by nearly every public school district and most North Carolina colleges — had been breached by hackers twice since April 29. Both times, the company said, it was via a security vulnerability in Canvas’s free version for teachers whose districts were not paid users. It’s unclear how the breach occurred, but Instructure has paused the Free-for-Teacher account program.<\/p>\n

\t\t\t\t\t\t\tInstructure believes hackers gained access to data on student names, email addresses, student ID numbers and some messages sent via the platform.<\/p>\n

\t\t\t\t\t\t\tThe Wake County Public School System restored access Monday, after a briefing with state Department of Public Instruction officials Monday morning reassured the district that there was no remaining risk, according to a spokesperson for the district. Wake County is a paid user and didn’t have any Free-for-Teacher accounts.<\/p>\n

\t\t\t\t\t\t\tCybersecurity investigator Allison Nixon calls the “pay or leak” scheme a scam and notes that hackers who use the scheme may not have the data they claim to, may overstate the danger of the data they have, or may never keep their promises not to disclose it once a ransom is paid.<\/p>\n

\t\t\t\t\t\t\t“They’re going to use all kinds of pressure tactics, like flooding their email, threatening their executives and their families, and other kinds of tactics to make the victims feel pressure in order to pay this extortion,” said Nixon, who is the chief research officer at Unit 221B, a cybersecurity investigations firm based in New York City.<\/p>\n

\t\t\t\t\t\t\tIt’s about fear, even though the data might not be that dangerous, Nixon said.<\/p>\n

\t\t\t\t\t\t\t“These actors are essentially trying to hold children and students hostage, where they’re threatening that they’re going to cause bad things to happen to students if they don’t get paid their extortion,” Nixon said.<\/p>\n

\t\t\t\t\t\t\tPeople shouldn’t pay the hackers and shouldn’t take them at their word, Nixon said.<\/p>\n

\t\t\t\t\t\t\tIn North Carolina, it’s illegal for government entities, including public schools, to pay ransoms.<\/p>\n

\t\t\t\t\t\t\tOften, hackers release data publicly anyway, even after being paid a ransom.<\/p>\n

\t\t\t\t\t\t\tLast year, PowerSchool, the company that for years provided North Carolina’s statewide information system, paid a ransom to a hacker who had gained access to vast troves of student and teacher data, including teachers’ Social Security numbers. Later that year, well after the ransom payment, many North Carolina teachers received threatening messages asking for money in exchange for keeping their data confidential. The messages included proof that the sender had the data, according to PowerSchool, which acknowledged the ransom payment didn’t resolve the issue.<\/p>\n

\t\t\t\t\t\t\tThe data Instructure believes was accessed isn’t as serious as other breaches, like the PowerSchool one. Names, student IDs and emails by themselves wouldn’t require notification to authorities under North Carolina’s identity theft protection laws. They would only require reporting if other data could be used in conjunction with them to obtain access to another person’s financial accounts or resources, according to the North Carolina Department of Justice.<\/p>\n

\t\t\t\t\t\t\tBut victims should be on alert for attempts to extort them and for phishing scams, if bad actors obtain their contact information, experts say.<\/p>\n

\t\t\t\t\t\t\tThe hackers have claimed to be part of a well-known cybercrime group that calls itself ShinyHunters. The group is known for breaching major companies, including AT&T Wireless or contractors of major companies, such as Salesforce and Snowflake, gaining access to the data of hundreds of companies like Ticketmaster.<\/p>\n

\t\t\t\t\t\t\tIt’s common for hackers to claim they are ShinyHunters or another well-known group to capitalize on the well-known group’s notoriety and, thus, generate more fear of them, Nixon said.<\/p>\n

\t\t\t\t\t\t\t“They want to be famous, they want to be remembered,” Nixon said.<\/p>\n

\t\t\t\t\t\t\tIn the case of Canvas, Nixon, who investigates cybercrime and hackers, says she has reason to believe the Canvas hackers are at least different from those who have conducted previous ShinyHunters hacks. She believes she knows who they are, that they have attacked her own company before, and that they are known to law enforcement.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Wake County schools restore Canvas access after nationwide ransomware attack :: WRAL.com https:\/\/www.wral.com\/news\/education\/wake-county-schools-restore-canvas-access-may-2026\/ Publish Date:…<\/p>\n","protected":false},"author":1,"featured_media":212234,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.wral.com\/e330a934-1ced-46eb-bb17-f4275860c97e?w=1200&h=630","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,35,25,27],"class_list":["post-212233","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-hacker","tag-phishing","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212233"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=212233"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212233\/revisions"}],"predecessor-version":[{"id":212235,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/212233\/revisions\/212235"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/212234"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=212233"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=212233"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=212233"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}