Canvas, a widely used learning management platform, was targeted in a massive cyberattack that affected around 9,000 universities globally, including several in Canada. The parent company, Instructure, has reportedly reached an agreement with the hacking group ShinyHunters, who claimed responsibility for the breach. As part of the deal, the stolen data was returned, and digital proof of its destruction was provided. The hackers had threatened to release the personal information of 275 million individuals unless a ransom was paid. Instructure assured its customers that they would not be extorted and emphasized that individual schools should not engage with the hackers. Despite the resolution, cybersecurity experts advise against paying ransoms, as it encourages further criminal activity. Instructure acknowledges the ongoing uncertainty and is committed to protecting its users, with forensic analysis of the breach still underway.
Did Canvas strike a deal with hackers after a major cyber breach?
