"Although the breach was assumed to be initially contained, a second wave of unauthorized activity tied to the same incident was detected on May 7, 2026, defacing the Canvas login portals with extortion messages at roughly 330 institutions and giving Instructure a deadline of May 12, 2026, to negotiate a ransom or risk a data leak. The attackers are said to have weaponized an unspecified vulnerability "regarding support tickets" in its Free-for-Teacher environ"
Instructure, the parent company of Canvas, reported reaching an agreement with an unauthorized actor after it breached its network and faced threats to leak data from thousands of schools and universities. The company said the agreement addresses concerns about potential publication of data and covers all impacted customers. It stated that pilfered data was returned and that it received digital confirmation of data destruction. Instructure also said it was informed that no customers would be separately extorted as a result of the hack. The company reported working with expert vendors for forensic analysis, improving cybersecurity posture, and conducting a comprehensive review of the involved data. The incident involved theft of 3.65TB and later extortion activity affecting nearly 9,000 organizations.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]