Access to the Canvas education platform was restored on Friday after a major cyberattack disrupted service worldwide, leaving tens of thousands of students without access to course materials and grading tools during final exams.
Canvas, used by schools, colleges and universities as a hub for lectures, assignments, grades, discussion boards and messaging, went offline Thursday. Multiple US university student newspapers reported the outage; Harvard University’s student paper, The Harvard Crimson, said the site redirected users to a message from a group calling itself ShinyHunters and published a list of allegedly targeted schools.
The outage forced instructors to use workarounds to help students study and submit final work, and some institutions postponed exams that had been scheduled for Friday.
ShinyHunters, a loose collective of teenage and young adult hackers linked previously to large-scale incidents such as attacks on a ticketing platform, claimed responsibility. The group has described itself as “rooting your systems since ’19.” Earlier in the week it warned it would leak data for nearly 9,000 schools and 275 million individuals unless a ransom was paid by May 6. Reuters reported that some schools contacted the group to negotiate.
On May 5, ShinyHunters said Instructure, Canvas’s parent company, had not engaged with the group to avert a data leak and added that its ransom demand “was not even as high as you might think.”
Institutions and Instructure worked to restore access and mitigate the impact on students and faculty. Investigation into the attack and any potential data exposure was ongoing.
Edited by Dmytro Hubenko