Allegations say hackers accessed around 275 million student records through the Canvas platform, rattling schools and universities across multiple countries. Students and staff reportedly feared exposure of private messages, academic details, emails, and personal data. Experts caution this may be far bigger than a typical school cyber incident and are closely watching whether the breach timeline extends beyond the initial attack.
A cyberattack on the Canvas learning platform disrupted academic operations at universities across the US, Australia, and Europe. Stanford and Yale, among others, said student data such as names and email addresses may have been exposed. A cybercrime group claimed responsibility, underscoring how vulnerable education systems are to escalating attacks and portal outages.
Your news, in seconds
Get the Beige app — every story in 60 words, updated hourly. Free on iOS & Android.
Instructure has placed its Canvas learning platform into maintenance mode after a cybersecurity incident disrupted access for many schools and universities. Some users reported being redirected to an unauthorized message that was allegedly linked to the cybercriminal group ShinyHunters. The company says Canvas is now available for most users, but services were impacted long enough to disrupt learning across multiple institutions.
A major Canvas platform outage struck leading US universities on May 7, 2026, including Harvard and Stanford, after a cyberattack claimed by ShinyHunters. The group reportedly demanded a settlement to stop the release of stolen student information such as personal details and private messages. For many students, the disruption derailed classes and assignments amid uncertainty about their data.
The ShinyHunters hacking group says it will release stolen Canvas data if schools don’t contact it by May 12. Its message reportedly included a link to a list of schools that the group claims it breached through Canvas. The warning raises urgent questions about the extent of the incident and when services and affected data will be secured.
Swipe through stories, personalise your feed, and save articles for later — all on the app.
