Canvas Hack Settled: Instructure Secures Student Data
The hacking group ShinyHunters struck a deal with Instructure, ensuring stolen data from the Canvas educational tool was returned. The agreement avoids extortion risks for customers. While some believe a ransom was paid, Instructure confirmed the platform is secure again. The House Homeland Security Committee awaits a briefing from Instructure executives.
The hacking group ShinyHunters reached an agreement with Instructure, the company behind the Canvas educational software, to return stolen data and digitally confirm its destruction. This measure ensures no Instructure customers will be subject to extortion attempts, as stated in a company announcement.
ShinyHunters, which has a history of extorting major corporations, claimed responsibility for targeting the Canvas platform, used by nearly 9,000 schools. A spokesperson for the group confirmed to Reuters that the stolen data has been deleted and the group will no longer contact the company or its customers. Ransomware negotiator Kurtis Minder suggested a payment might have been made, though this remains speculative.
The resolution has brought the Instructure platform back to normal operation. Meanwhile, the House Homeland Security Committee seeks answers from Instructure's leadership on the incident details, effectiveness of the company's response, and coordination with federal agencies like CISA.
ALSO READ
-
Canvas Secures Data with Hacker's Agreement: A Cybersecurity Update
-
Cyber Breach at Canvas: The Hack That Disrupted Classrooms Nationwide
-
UPDATE 3-Schools reach out to Canvas hackers as breach hits US classrooms, source says
-
UPDATE 2-Schools reach out to Canvas hackers as breach hits US classrooms, source says
-
UPDATE 1-Schools reach out to Canvas hackers as breach hits US classrooms, source says
Google News