Ransomware Disrupts 8,800 Schools via Canvas During US Finals

Chaos hit US schools as Canvas faced a cyberattack during finals. The ransomware group ShinyHunters was behind it, disrupting thousands of schools. Students and faculty were left scrambling.

The Attack Unfolds

Thursday. Canvas went offline after detecting unauthorized network activity. Bad timing: finals were in full swing. Instructure, Canvas' parent company, shut it down to handle the threat. It was back by Friday morning, but the ransom demands were already on the login pages.

ShinyHunters, known for ransomware attacks, took credit. They claimed access to data from 275 million users tied to 8,800 schools. They wanted schools to negotiate after Instructure reportedly said no.

Impact on Schools

Immediate fallout. The University of Illinois postponed exams. UMass Dartmouth rescheduled. UC system took precautions to manage the chaos. Schools had to rethink exam schedules and communication.

Background: Rising Threats in EdTech

Canvas isn't alone. Last year, PowerSchool faced a breach exposing millions of students' data. These incidents show the growing risk to educational platforms.

ShinyHunters have hit before. In 2024, they breached Snowflake, affecting clients like TicketMaster. This shows the ongoing threat of ransomware across sectors.

How It Compares

Compared to past attacks like on PowerSchool, the Canvas breach shows evolving tactics. Both exposed heaps of sensitive data. But hitting during finals? That made it worse.

What's Still Unclear

• Exactly how much data was compromised.
• If Instructure will beef up security measures.
• How schools will handle potential data misuse.
• The long-term impact on students’ records and data.

Why This Matters

This incident highlights the urgent need for strong cybersecurity in schools. As digital learning grows, guarding against cyber threats is crucial. The Canvas attack is a wake-up call to the vulnerabilities in digital education infrastructure.