Canvas Education Platform Breach: ShinyHunters Steal 3.5TB from System Used by 30 Million

The ShinyHunters hacking group breached Canvas, the learning management system by Instructure used by approximately 30 million users across 9,000 institutions globally. The attack was detected April 29 via unauthorized access through a teacher account. The platform was taken offline May 7 after additional unauthorized activity. ShinyHunters stole 3.5 terabytes of data including names, email addresses, student ID numbers, and private messages. The group is demanding ransom and threatened to release data by May 12 if unpaid. Canvas was partially restored by May 9 for most users, with some institutions still performing security checks. Affected countries include the US, Canada, Netherlands, Sweden, Australia, and UK. Major institutions include University of Toronto, UBC, University of Sydney, Harvard, and Cambridge. Instructure states no evidence of passwords, financial info, or government ID compromise. The FBI is investigating.