Data Extortion Attack Targets Canvas, Disrupting U.S. Education Institutions

An ongoing data extortion attack targeted the education technology platform Canvas, disrupting classes and coursework at U.S. school districts and universities. A cybercrime group defaced the service’s login page with a ransom demand, threatening to leak data from 275 million students and faculty across nearly 9,000 educational institutions. The incident occurred today, with no specific threat actor or technical details (e.g., ransomware strain or CVE IDs) disclosed. The attack impacted nationwide operations, though the exact scope of data exposure or encryption remains unconfirmed. No attribution to groups like ShinyHunters or involvement of firms such as Mandiant Consulting or Cloudskope was explicitly stated in the reported facts.