Cybercrime Group ShinyHunters Breaches Instructure's Canvas Platform Twice in 2024

🎬 The cybercrime group ShinyHunters breached Instructure, the company behind the widely used school information portal Canvas, twice in 2024, stealing data from 275 million students and staff. The first breach occurred on April 29, with the hackers claiming to have compromised Canvas—a platform used by nearly 9,000 schools—while the second breach involved defacing Canvas login pages to pressure Instructure into paying a ransom. Instructure confirmed reaching an agreement with the hackers, though it remains unclear why the ransom was paid despite government advisories against such actions. ShinyHunters, a financially motivated group, threatened to publish the stolen data on their leak site before removing the listing, suggesting a payment was made. The incident mirrors a similar 2024 breach at PowerSchool, which affected 70 million individuals, highlighting vulnerabilities in education sector vendors. The video notes that schools and educational software providers often lack robust cybersecurity due to limited funding and staffing, making them prime targets for data theft. Concerns were raised about the reliability of hackers’ promises to delete data after payment, as some groups have been known to retain or resell stolen information.