San Antonio campuses affected by massive Canvas data breach at U.S. universities

A cybersecurity breach of the Canvas learning platform, used by over 8,000 U.S. universities, exposed personal data of millions of students and instructors after a hacking group, ShinyHunters, claimed responsibility. The attack disrupted services on May 7, causing outages at institutions like UT-San Antonio, the University of the Incarnate Word, Trinity University, and Alamo Colleges District. ShinyHunters stated they accessed data from more than 275 million individuals across nearly 9,000 campuses and threatened to leak unspecified portions of the data on May 12 unless Instructure, the platform provider, met their ransom demands. The group mentioned billions of private messages among students and faculty were involved but did not disclose the ransom amount. UT-San Antonio and the University of the Incarnate Word confirmed their Canvas systems were affected, with UT-San Antonio rescheduling assignments and exams due by May 8 and UIW extending final deadlines to May 15 and faculty grade deadlines to May 19. Trinity University’s IT department acknowledged the breach but did not mention deadline changes. Instructure confirmed the outage on its website, stating service had largely been restored by late May 7. Other San Antonio institutions using Canvas, including Texas A&M University-San Antonio, St. Mary’s University, San Antonio ISD, and Lackland ISD, were also impacted, though no official statements were provided for all of them. The breach highlights growing concerns over cybersecurity vulnerabilities in educational institutions, where sensitive academic and personal data is frequently stored.