A Canvas outage tied to a cyberattack has wreaked havoc on colleges’ final exam season

A cyberattack on Canvas, an online platform managing exams, grades, and course materials for nearly 9,000 schools and 275 million users, caused widespread disruptions during final exam season. Instructure, the parent company, confirmed the outage stemmed from a breach by ShinyHunters, a hacking group that previously targeted Ticketmaster. By late Thursday, Canvas was restored for most users, though some schools, like Montgomery County Public Schools in Maryland, kept access limited due to ongoing security concerns. ShinyHunters initially demanded ransom to prevent leaking student data, including IDs, email addresses, and messages, but extended negotiations after some schools engaged with them. Instructure’s chief information security officer, Steve Proud, stated that no passwords, birthdates, or financial data were compromised. The group later removed Canvas from its list of targets without further comment. The outage forced universities like the University of Massachusetts at Dartmouth and the University of Illinois to postpone exams, citing inaccessible course materials. Schools continue assessing risks, with cybersecurity experts warning students and educators to remain vigilant against follow-up attacks. Canvas serves as a central hub for digital lectures, quizzes, and submissions, making its disruption particularly harmful during high-stakes exam periods. The incident highlights the growing threat of ransomware attacks on education systems, which store vast amounts of sensitive personal data. Schools now face the challenge of restoring trust while securing their platforms against future breaches.