1
1
Imagine a big online classroom tool called Canvas (like a digital school notebook system). It is owned by a company named Instructure.
Important Point: Instructure itself has NOT been hacked again. The possible threat is with a separate third-party delivery service, not Instructure’s own systems.
Back in May, a bad group called ShinyHunters (think of them as digital burglars) broke into Canvas two times.
After the hack, Instructure’s boss (CEO Steve Daly) said they would:
For two months, they worked on that review.
Daly told customers (including the 41% of North American colleges that use Canvas):
Important Point: The data about the breach is still secure at Instructure. They are just being careful about how they hand it over.
Instructure (owner of Canvas) got hacked by ShinyHunters in May, affecting millions of users. Two months later, while trying to share details with schools through a third-party tool (ShareFile), they spotted a possible security issue with that tool and paused the delivery. Instructure itself was not breached again, and user data remains safe while they figure out a secure way to send it.
1. Was Instructure hacked again?
No. Instructure has not been breached again. The possible threat is with a third-party delivery platform they were using.
2. What kind of info did the hackers steal in May?
Names, emails, student ID numbers, and messages. Passwords, birth dates, government IDs, and financial info were not found to be taken.
3. Why did they pause sending the data?
Because the outside service (ShareFile) they chose to send the data may have had a security threat, and they want to be careful.
4. Is my Canvas data safe right now?
Instructure says the data remains secure with them and they will only deliver it once the delivery method is confirmed safe.