Instructure (Canvas) Breached by Shiny Hunters — 275M Records from ~9,000 Schools/Universities, Ransom Deadline May 12
Shiny Hunters breached Instructure, operator of the Canvas platform. They claim ~275 million records stolen from nearly 9,000 educational institutions, plus billions of private messages. Live Canvas websites were defaced today with a May 12 ransom demand. Instructure took affected sites offline. h
ORIGINAL SOURCE →via Reddit r/cybersecurity
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] /Why/ is Shinyhunters targeting Canvas?
- [CYBER] CVE-2026-8122 - Open5GS NSSF message.c ogs_sbi_discovery_option_add_service_names denial of service
- [CYBER] Canvas Hack - Any Guesses How?
- [CYBER] CVE-2026-8121 - Open5GS NSSF conv.c ogs_sbi_parse_plmn_list denial of service
- [CYBER] Dirty Frag exploit gets root on most Linux machines since 2017, no patches available, no warning given — Copy Fail-like vulnerability had its embargo broken
- [CYBER] CVE-2026-8117 - SourceCodester Pizzafy Ecommerce System index.php cross site scripting