"The cyber-attack affected an estimated 9,000 institutions in the US, Canada, Australia and the UK, with exams disrupted after the Canvas service went down. The hackers threatened to publish 3.5 terabytes of student and university data they had stolen in the breach. Paying cyber criminals goes against the advice of law enforcement agencies around the world, as it can fuel further attacks and offers no guarantee the data has been deleted."
"Instructure said in a statement on its website that protecting students' and education staff data was its primary motivation. "While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible," the company said."
"Instructure did not set out the terms of the agreement but said that it meant that: the data was returned to the company it received "digital confirmation of data destruction" it had been informed that no Instructure customers would be extorted as a result of the incident the agreement covers all affected customers, with no need for individuals to engage with the hackers"
"The breach was discovered on 29th April and was claimed online by the prolific Shiny Hunters extortion group. Neither the hackers nor the company are explicitly saying that money was exchanged, but cyber extortion groups like Shiny Hunters operate by forcing their victims to send money in"
A cyber-attack on Canvas disrupted services for an estimated 9,000 universities and colleges across the US, Canada, Australia, and the UK, including exam interruptions after the platform went down. Hackers threatened to publish 3.5 terabytes of stolen student and university data. Instructure paid the attackers to stop publication and to provide assurances about the data. The agreement included returning the data to Instructure, providing digital confirmation of data destruction, and covering all affected customers so individuals would not need to engage with the hackers. The breach was discovered on 29 April and was claimed online by the Shiny Hunters extortion group. Law enforcement warns that paying can encourage further attacks and does not guarantee deletion.
Read at www.bbc.com
Unable to calculate read time
Collection
[
|
...
]