- Instructure confirms cyber attacks that expose names, emails, IDs and user communications
- ShinyHunters claims responsibility and claims data theft from millions across thousands of schools
- The incident highlights the risks of third-party integrations, with experts calling for stronger access controls
Instructure, the edtech giant behind the popular Canvas learning system, has confirmed it suffered a cyber attack and lost sensitive customer data.
The company released a brief statement confirming hit, “While our investigation continues with our external forensic experts, we believe at this stage that the incident has been contained,” the statement read.
Instructure said the crooks gained access to “certain identifying information about users” at affected institutions, including names, email addresses, student ID numbers and user communications.
The article continues below
ShinyHunters strikes again
Passwords, dates of birth, public identifiers or financial information were not involved.
Still, having names, emails and communications is more than enough information to launch very convincing phishing and identity theft attacks that can lead to more devastating fraud.
Instructure also said it revoked privileged credentials and access tokens associated with affected systems, deployed patches, rotated keys and implemented increased monitoring across all platforms.
The company did not say how many people were affected by the breach or who the threat actors were. However, Bleeping Computer found the infamous ShinyHunters took responsibility by listing the company on its dark web.
“Nearly 9,000 schools worldwide affected. 275 million individuals’ data ranging from students, teachers and other staff containing PII,” the crooks wrote.
“Several billions of private messages among students and teachers and students and other involved students, containing personal conversations and other PII. Your Salesforce instance was also breached and much more other data is involved.”
Apparently, the threat actors managed to gain access to Instructure through a vulnerability in their systems, which the company has subsequently patched. They appear to have stolen files from 15,000 institutions in various locations around the world, including Europe, North America and the Asia-Pacific region.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
