A system that thousands of schools and universities use to support instruction was back online Friday after it went down during a cyberattack that created chaos as students tried to study for final exams.
The hacking group named ShinyHunters claimed responsibility for the breach at Canvas, said Luke Connolly, a threat analyst at the cybersecurity firm Emisoft. Instructure, the company behind Canvas, said in an update late Thursday that the system was available for most users.
Canvas is used to manage grades, course notes, assignments, lecture videos and more. The hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed, Connolly said.
Screen shots Connolly provided showed that the group began threatening Sunday to leak the trove of data. By Friday, Instructure and Canvas had been removed from a dedicated leak site created by the ransomware group on the dark web to publish stolen data.
Canvas went down Thursday at the worst possible time. Students quickly took to social media, with many panicking that they could no longer view course materials housed within the platform to study for their final exams.
Teachers said they were having to find workarounds to help students study for exams and submit final assignments. And some schools, such as the University of Texas at San Antonio, announced they were pushing back finals scheduled for Friday in response to the outage.
Schools like Princeton University turned to X late Thursday to announce “Canvas appears to be available again” and that information technology staff was monitoring the situation.
Rich in digitized data, the nation’s schools are prime targets for far-flung criminal hackers, who are assiduously locating and scooping up sensitive files that not long ago were committed to paper in locked cabinets. Past attacks have hit Minneapolis Public Schools and the Los Angeles Unified School District.
Instructure has not posted about the attack on its social media. The company didn’t immediately respond to emails from The Associated Press asking whether it paid a ransom and inquiring about what happened with the compromised data.
Connolly said the Canvas attack is strikingly similar to a breach at PowerSchool, which also offers learning management tools. In that case a Massachusetts college student was charged.
Connolly described ShinyHunters as a loose affiliation of teenagers and young adults based in the U.S. and the United Kingdom. The group also has been tied to other attacks, including one aimed at Live Nation’s Ticketmaster subsidiary.
Copyright 2026 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed without permission.
Please purchase a Premium Subscription to continue reading.
To continue, please log in, or sign up for a new account.
We offer one free story view per month. If you register for an account, you will get two additional story views. After those three total views, we ask that you support us with a subscription.
A subscription to our digital content is so much more than just access to our valuable content. It means you’re helping to support a local community institution that has, from its very start, supported the betterment of our society. Thank you very much!
Only subscribers can view and post comments on articles.
Already a subscriber? Login Here
Our Lady of Angels school presents Chitty Chitty Bang Bang Jr! Read moreOur Lady of Angels School Presents Chitty Chitty Bang Bang
Join us for an evening of piano artistry with Sofya Gulyak 🎹, presented by Gradus ad Parnas… Read moreSofya Gulyak piano recital
Mark Simon said:
CoastalBoy said:
Dirk van Ulden said:
Success! An email has been sent to with a link to confirm list signup.
Error! There was an error processing your request.
Sorry, an error occurred.
Already Subscribed!
Cancel anytime
Thank you .
Your account has been registered, and you are now logged in.
Check your email for details.
Submitting this form below will send a message to your email with a link to change your password.
An email message containing instructions on how to reset your password has been sent to the email address listed on your account.
No promotional rates found.
Secure & Encrypted
Thank you.
Your gift purchase was successful! Your purchase was successful, and you are now logged in.
| Rate: | |
| Begins: | |
| Transaction ID: |
A receipt was sent to your email.
(0) comments
Welcome to the discussion.
Log In
Keep the discussion civilized. Absolutely NO personal attacks or insults directed toward writers, nor others who make comments.
Keep it clean. Please avoid obscene, vulgar, lewd, racist or sexually-oriented language.
Don't threaten. Threats of harming another person will not be tolerated.
Be truthful. Don't knowingly lie about anyone or anything.
Be proactive. Use the 'Report' link on each comment to let us know of abusive posts.
PLEASE TURN OFF YOUR CAPS LOCK.
Anyone violating these rules will be issued a warning. After the warning, comment privileges can be revoked.