New York, USA – The education system in the United States and large parts of the world was brought to a standstill on Thursday following a massive cyberattack targeting Instructure, the developer of the popular learning management system Canvas. The attack caused the system to crash unexpectedly, creating widespread chaos among students and faculty. The incident comes at a critical time for final exam preparations.
Shiny Hunters claims responsibility for the operation
Luke Connolly, a senior threat analyst at the global cybersecurity firm Emsisoft, revealed that the hacking group known as ShinyHunters has claimed full responsibility for the breach of Instruction’s servers. According to data the group published online, the damage extends far beyond the United States, affecting nearly 9,000 schools and universities worldwide.
Connolly noted that the group claims to have access to a massive database containing billions of private messages and students’ academic and financial records. This raises serious concerns about the privacy of the personal data of millions of platform users. As of yet, Instructor has not issued an official statement clarifying whether the system outage was caused by direct sabotage by the hackers or a precautionary measure taken by the company to contain the attack.
Chaos in the academic corridors
The Canvas system is considered the digital backbone of the educational process, used daily for managing grades, distributing course notes, uploading assignments, and displaying recorded lecture videos.
As soon as the system went down, university and district administrations rushed to send emergency messages to students and parents to inform them of the situation. Meanwhile, urgent questions arose about the fate of final exam schedules, which were now in jeopardy.
What’s striking is Instructor’s complete silence on its official social media accounts, which has heightened the tension and anxiety among academic institutions that rely entirely on its software.
Technology experts believe this attack once again highlights the vulnerability of educational infrastructure to sophisticated cyber threats. It also raises questions about the adequacy of the security measures taken by educational technology companies to protect sensitive data and ensure the continuity of learning during crises.
