"The US House Committee on Homeland Security has asked Instructure to provide details on the recent cyberattacks that disrupted its broadly used online learning system Canvas. An initial intrusion on April 29 was blamed for the disruption of tools relying on API keys. The education technology company restored the services by May 3, but took them offline again on May 7, after the hackers returned and defaced school login portals."
"This week, Instructure revealed that it struck a deal to have the stolen data returned and erased from the hackers' servers. It also noted that an issue with its Free-For-Teacher accounts was exploited in both intrusions and that the incident has been fully contained. "As a result, we have made the difficult decision to temporarily shut down Free-For-Teacher accounts. These accounts have been a core part of our platform, and we're committed to resolving the issues with these accounts," the company said on Monday."
"The attack was claimed by the notorious extortion group ShinyHunters, which allegedly stole 3.65 terabytes of data, including the personal information of 275 million students, teachers, and other individuals at approximately 9,000 education institutions. Now, the Committee on Homeland Security is summoning Instructure to a briefing, demanding answers on how the intrusion occurred, what types of data were affected, and how the company resolved the attack."
""The briefing should address the circumstances of both intrusions, the nature and volume of data accessed, the steps Instructure has taken and is taking to contain the threat and notify affected institutions, and the adequacy of the company's coordination with federal law enforcement and CISA," the Committee told Instructure in a letter (PDF) this week."
The US House Committee on Homeland Security requested Instructure provide details about cyberattacks that disrupted Canvas, a widely used online learning system. An initial intrusion on April 29 was blamed for disruptions affecting tools relying on API keys. Services were restored by May 3, then taken offline again on May 7 after hackers returned and defaced school login portals. The extortion group ShinyHunters claimed responsibility and alleged theft of 3.65 terabytes of data, including personal information for about 275 million people across roughly 9,000 education institutions. Instructure said it reached a deal to have stolen data returned and erased, reported that Free-For-Teacher account issues were exploited in both intrusions, and stated the incident was fully contained. The company temporarily shut down Free-For-Teacher accounts while resolving the issue. The Committee is summoning Instructure for a briefing covering intrusion circumstances, affected data, containment steps, notification actions, and coordination with federal law enforcement and CISA.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]