Hacker group disables Canvas for NC students, demands ransom
A hacker group called ShinyHunters disabled Canvas, a learning management system used by North Carolina schools and universities, and demanded a ransom by May 12, 2026, threatening to leak stolen data unless paid. The breach affected institutions including the University of North Carolina at Chapel Hill, Duke University, and multiple K-12 districts, with Instructure confirming no sensitive financial or government identifiers were compromised as of now.
A hacker group named ShinyHunters disabled Canvas, a web-based learning management system used by schools and universities across North Carolina, on May 2, 2026. The group claimed responsibility for the breach, stating it would leak data unless a ransom was paid by May 12. Affected institutions include the University of North Carolina at Chapel Hill, Duke University, North Carolina Central University, and multiple K-12 districts such as Wake County Public School System and Durham schools. The breach targeted Instructure, the company managing Canvas, which handles teachers’ and students’ data. ShinyHunters criticized Instructure for ignoring their initial contact and applying 'security patches' instead. A Wake County Public School System spokesperson confirmed students received ransom messages, and one University of North Carolina at Chapel Hill student shared a screenshot of the note. Instructure assured Duke University’s chief information security officer, Nick Tripp, that no passwords, dates of birth, government identifiers, or financial information were involved in the breach. However, the group provided a list of affected schools, including East Carolina University, Wake Forest University, and Fayetteville State University. Other universities like the University of Pennsylvania and the University of Oklahoma also reported disruptions to their Canvas apps. This incident follows a December 2024 breach of PowerSchool, another education data provider, which paid a ransom and verified the deletion of stolen data. Cybersecurity analysts warned more North Carolina schools could face extortion attempts. Earlier in May, the North Carolina State Board of Education transferred its PowerSchool data to Infinite Campus for its statewide system. Wake County Public School System temporarily disabled Canvas while investigating security risks. The disruption has impacted classroom operations, as teachers rely on Canvas to post lessons and students use it to submit assignments. The situation remains under monitoring as institutions assess the full scope of the breach and potential risks to student and faculty data.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.