Canvas Hack Settled: Instructure Secures Student Data
The hacking group ShinyHunters struck a deal with Instructure, ensuring stolen data from the Canvas educational tool was returned. The agreement avoids extortion risks for customers. While some believe a ransom was paid, Instructure confirmed the platform is secure again. The House Homeland Security Committee awaits a briefing from Instructure executives.
The hacking group ShinyHunters reached an agreement with Instructure, the company behind the Canvas educational software, to return stolen data and digitally confirm its destruction. This measure ensures no Instructure customers will be subject to extortion attempts, as stated in a company announcement.
ShinyHunters, which has a history of extorting major corporations, claimed responsibility for targeting the Canvas platform, used by nearly 9,000 schools. A spokesperson for the group confirmed to Reuters that the stolen data has been deleted and the group will no longer contact the company or its customers. Ransomware negotiator Kurtis Minder suggested a payment might have been made, though this remains speculative.
The resolution has brought the Instructure platform back to normal operation. Meanwhile, the House Homeland Security Committee seeks answers from Instructure's leadership on the incident details, effectiveness of the company's response, and coordination with federal agencies like CISA.
(With inputs from agencies.)
ALSO READ
Pentagon's Strategic Deployment of Anthropic's Mythos Amid Cybersecurity Challenges
Mythos AI Shakes Up U.S. Banking Cybersecurity
City Doctor Blackmailed Over Video, Extortion Attempt Exposed
India Bolsters Cybersecurity with AI to Combat Mule Accounts
Canvas Secures Data with Hacker's Agreement: A Cybersecurity Update
Google News