Student Data at Risk After Major Instructure Hack

Happy Girl Painting — Source: FatCamera / Getty

A major cybersecurity incident has hit Canvas, the widely used learning management system operated by education tech company Instructure, disrupting access for students and schools across the United States and beyond.

The attack surfaced in early May 2026 when users began reporting they could not log in or access assignments. Instead of normal course pages, some users were redirected to a message posted by a hacking group known as ShinyHunters, which claimed responsibility for the breach.

According to reports, the hackers claim they accessed or stole sensitive user data, including student names, email addresses, student ID numbers, and private messages between students and teachers. Instructure has said it is still investigating the full scope of the incident and has not confirmed all of the hackers’ claims.

The disruption affected thousands of schools, including major universities, and came during a critical time of exams and end-of-term assignments, causing widespread frustration for students and faculty.

What the Hackers Did

Reports indicate the attackers not only accessed data but also:

Defaced Canvas login pages with ransom-style messages
Claimed responsibility for a large-scale data breach
Threatened to release stolen information unless demands were met by a deadline
Caused temporary shutdowns and “maintenance mode” across parts of the platform

Some institutions briefly lost access to Canvas entirely as administrators and the company worked to contain the issue.

What Data May Be Affected

So far, Instructure has stated that the compromised data may include:

Names and email addresses
Student ID numbers
Internal messages between students and instructors

However, the company says there is currently no evidence that passwords, financial data, or government IDs were exposed.

Who Is Behind It

The group claiming responsibility, ShinyHunters, is a known cybercrime organization linked to multiple high-profile data breaches in recent years. Security researchers say the group often uses data theft and extortion tactics to pressure companies into paying ransoms.

Why It Matters

Canvas is used by thousands of schools and millions of students worldwide. A breach of this scale raises concerns about:

Student privacy and data security
The vulnerability of education systems to ransomware attacks
Disruptions to learning during critical academic periods

Schools and cybersecurity experts are now urging users to stay alert for phishing emails and suspicious messages, especially since stolen educational data can be used in follow-up scams.