Voz media US Voz.us

Cyberattack blocks Canvas, platform used by many universities

The action was attributed to ShinyHunters, a cyber-extortion group active since at least 2019, which warned that it would release all the stolen information if the institutions did not establish contact by May 12.

Hackers (stock photo). NurPhoto via AFP.

Published by Carlos Dominguez

Universities such as Harvard, Stanford and thousands of other educational institutions were affected after a large-scale cyberattack directed against an educational platform.

The action was attributed to ShinyHunters, a cyber-extortion group active since at least 2019, whose intervention led to the disruption of access to Canvas.

Threats and blackmail behind Canvas hack

Reports in the student newspaper Harvard Crimson and various messages on networks cited by AFP indicate that, when trying to log in on Thursday, many students came across a notice from the hacker group. In it they claimed that the servers of Instructure, the company that owns Canvas, had been breached "again."

"Instead of contacting us to resolve it they ignored us and did some ‘security patches,’" the hackers claimed.

"If any of the schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at TOX to negotiate a settlement."

The group warned that it would release all of the information if the institutions did not make contact by May 12. The statement also included a link to a list of educational institutions that ShinyHunters claims to have compromised through its access to Canvas.

Disruptions and leaks surrounding Canvas and Instructure

Stanford University noted that Canvas was currently unavailable "due to an issue being experienced by the vendor." It also indicated that Instructure had recently reported a nationwide security incident which the company said had been brought under control.

Instructure explained that the data stolen in the initial leak encompassed personal information, such as names, email addresses and student ID numbers, as well as private messages exchanged between users.
