Hacker News
ShinyHunters Breaches Instructure Canvas Schools
PublishedMay 11, 2026 at 5:42 AM·low
What happened
The ShinyHunters threat group claims to have stolen data tied to roughly 9,000 schools using Instructure's Canvas learning management platform. If verified, students, teachers, and administrators across those institutions could have personal information exposed and reused in phishing or credential-stuffing attacks. Schools using Canvas should monitor for official notifications, rotate admin credentials, enable MFA, and warn users about targeted phishing.
Tags
#shinyhunters#instructure#data breach#education
Source reference
https://edscoop.com/shinyhunters-claims-nearly-9000-schools-affected-by-canvas-data-breach/ ↗See how Fortify maps this threat to your compliance posture.
14-day free trial · no credit card · HIPAA, SOC 2, ISO 27001, GDPR
Sign Up →