A massive and sophisticated international cyber attack has targeted the academic software platform Canvas, causing unprecedented chaos across 9,000 schools and universities worldwide. The breach, claimed by the notorious hacking group ShinyHunters, occurred during the high-stakes end-of-year season, leaving students and faculty in a state of confusion. Educational institutions across the United States, Canada, and Australia have reported major disruptions as the platform used for coursework and examinations went offline, leading to the cancellation of finals at several high-profile universities.
The scale of the disruption is staggering, with an estimated 9,000 institutions affected by what is being described as a nationwide security incident. At Mississippi State University, administrators were forced to postpone Friday’s final exams after a ransom note demanding Bitcoin payment appeared on students’ screens. Aubrey Palmer, a meteorology student at the university, described a scene of pure shock when her exam session was interrupted by a message stating that ShinyHunters had breached Instructure—the parent company of Canvas—once again. The hackers threatened to release sensitive stolen data unless their financial demands were met immediately.
The impact was felt globally, extending to the University of Sydney in Australia, where officials instructed students not to attempt logging into the system. The university acknowledged the severe disruption at such a critical time in the semester and noted that it is among thousands of institutions awaiting clear guidance from Instructure. Meanwhile, major North American schools like Penn State, the University of Toronto, and the University of British Columbia advised their student bodies to log out immediately following the breach. At UCLA, students struggled to submit final assignments, and the University of Chicago was forced to temporarily disable its Canvas portal to prevent further compromise.
Instructure, the company behind the widely used software, posted an update late Thursday claiming that Canvas was becoming available for most users. However, the reality on the ground remained different on Friday morning, with many universities still reporting persistent outages and accessibility issues. Penn State University informed its students that a full resolution was unlikely to arrive within 24 hours, leading to further cancellations of scheduled assessments. The sudden appearance of ransom notes on cloud-based platforms associated with the breach has raised serious questions about the vulnerability of third-party academic service providers.
Cybersecurity experts point out that the targeting of educational platforms is becoming increasingly common due to the wealth of personal and research data they hold. ShinyHunters, a group with a history of high-profile data breaches, appears to have timed this attack to maximize pressure by striking during final exam weeks. For many students, the concern is not just the delay of exams but whether their submitted work has been saved or compromised. The frustration is palpable as students who have spent months preparing for finals now face the prospect of redoing their work under heightened stress.
As law enforcement and cyber agencies investigate the incident, the focus remains on securing student data and restoring full functionality to the impacted systems. The incident serves as a stark reminder of the risks associated with the centralization of critical educational infrastructure. While some services are slowly coming back online, the psychological and academic toll on the global student population remains significant. Universities are continuing to communicate via email, advising students to ignore any suspicious messages while the technical teams work toward a permanent fix.
