Massive Canvas data breach hits colleges across California and nation, crippling student work

A cybersecurity breach at Canvas, a widely used learning management system, escalated into a system-wide outage on Thursday, locking students and faculty at dozens of California colleges out of coursework during finals preparations. The hack, attributed to the group ShinyHunters—previously linked to breaches at Ticketmaster and AT&T—exposed hundreds of millions of records from roughly 9,000 schools across the U.S., Australia, and Europe, including names, email addresses, student IDs, and internal messages. On Thursday, users attempting to log in received a message demanding schools contact ShinyHunters via TOX by May 12, 2026, to negotiate a settlement and prevent data leaks. Instructure, the company behind Canvas, later placed the platform in 'maintenance mode,' though it initially denied ongoing unauthorized activity. By evening, some campuses reported login redirects to a maintenance notice, though no California colleges confirmed compromised private data. The outage affected major California institutions, including the University of California system, California State University, Stanford University, and the Los Angeles Community College District, with USC also reporting disruptions. Earlier outages had been reported in Utah and North Carolina. UC officials stated Canvas would remain blocked until security was confirmed, while UCLA’s Bruin Learn system failed midday after operating normally earlier. Students like UCLA junior Titilope Olotu, who relied on Canvas for assignments, expressed concern over the disruption. Instructure’s spokesperson did not provide further comment, and the breach’s full impact on academic workflows remains unclear. Affected schools are advising users to avoid logging into Canvas until further notice.