Data breach affects schools using Canvas; University of Illinois postpones final exams, assignments

A major cybersecurity breach targeting Canvas, a widely used learning management system owned by Instructure, has impacted thousands of schools and universities across the U.S., including the University of Illinois, Illinois State University, Northwestern University, and the University of Chicago. The attack, attributed to a hacker group calling themselves ShinyHunters, has forced institutions to postpone final exams and assignments, with the University of Illinois delaying deadlines for May 8, 9, and 10. The hackers claim to have stolen data such as names, email addresses, student IDs, and messages, though highly sensitive information like Social Security numbers and passwords has not been compromised." "The breach has left millions of students and faculty unable to access course materials, as Canvas remains offline while Instructure investigates. ShinyHunters gave affected institutions until May 12 to negotiate a settlement, threatening to release the stolen data if demands are not met. Cybersecurity experts warn that even non-sensitive data could be used for targeted phishing scams or sold on the dark web, increasing risks for affected users." "The University of Illinois stated that Canvas is offline due to an ongoing cybersecurity incident, with no clear timeline for resolution. Course materials remain unavailable until Instructure restores the system, and the university is advising students to check updates at go.illinois.edu/2026-canvas-incident. Illinois State University and other affected institutions echoed similar uncertainty, emphasizing that the outage stems from a nationwide issue beyond their control." "Rob D'Ovidio, an associate professor in Drexel University’s Department of Criminology, highlighted the severity of the attack, noting that Canvas is used by a majority of education institutions. He advised users to remain vigilant against phishing attempts and avoid engaging with the hackers’ demands. Experts caution that paying ransoms does not guarantee data protection and may encourage further attacks." "As schools assess the breach’s full impact, cybersecurity professionals urge students and staff to monitor accounts closely and report suspicious activity. The incident underscores vulnerabilities in widely used educational platforms, raising concerns about data security in the academic sector.