Back to Headlines
Tech
May 13, 2026
Analyzed by GPT OSS 120B

Canvas Strikes Deal with Hackers to Erase Stolen Student Data

AI Summary
Canvas operator Instructure announced it has struck a deal with the hackers behind the recent breach to delete the stolen student data, ending a week‑long disruption that forced schools to postpone finals. The agreement, involving the ShinyHunters group and affecting up to 275 million records, underscores growing cyber‑risk concerns for ed‑tech platforms.

Canvas Reaches Agreement with Hackers to Purge Stolen Data

Instructure, the parent company of the Canvas learning platform, announced that it has “reached an agreement with the unauthorized actor involved in this incident” to delete the data stolen in last week’s cyberattack that disrupted finals for students worldwide.

Scope of the Breach: 9,000 Schools and 275 Million Records Affected

  • 9,000 schools worldwide were threatened with data exposure.
  • 275 million individuals’ personal information, including student IDs, email addresses, names and messages, were compromised.
  • The hacking group ShinyHunters demanded a ransom by 6 May, later extending the deadline.

Implications for U.S. Higher‑Education Operations and Cyber‑Risk Management

The breach forced many U.S. colleges to lock out users, delay final exams and temporarily take Canvas offline, highlighting the platform’s central role in grading, coursework distribution and communication.

Instructure’s chief information security officer Steve Proud confirmed that passwords, dates of birth, government IDs and financial data were not found in the stolen set, but the incident raised concerns about potential future publication of the data.

What This Means for Future EdTech Security Strategies

Instructure plans to work with “expert vendors” for forensic analysis, system hardening and a comprehensive review of the data involved. The company also received “digital confirmation” in the form of “shred logs” that the hackers destroyed remaining copies, though it acknowledged no absolute certainty of total erasure.

Analysts suggest that the episode will push educational institutions to reassess vendor security contracts, invest in multi‑factor authentication and develop incident‑response playbooks tailored to large‑scale data breaches.