- ShinyHunters claims the Instructure attack exposed data from nearly 9,000 schools and 275 million individuals
- Newly named victims include elite universities (Harvard, MIT, Oxford, Stanford, Cambridge, etc.) and large technology companies
- With ransom due on May 7, at least 47 million students risk exposure if talks fail
Some of the world’s leading universities, including Harvard, Oxford and MIT, may have had their sensitive data stolen by ShinyHunters in the recent Canvas breach.
Instructure, the edtech giant behind the popular Canvas learning system, recently confirmed it suffered a cyber attack and lost sensitive customer data.
To further pressure Instructure to pay the ransom demand, ShinyHunters shared more details about various organizations affected by the breach. It listed more than 8,800 educational institutions in 10 different countries, such as the United States, Australia, the United Kingdom and Sweden.
Thousands of victims, millions of files
It claims that in addition to Harvard, MIT and Oxford, other major organizations are also affected, including Stanford, Princeton, Columbia, Cambridge, Cornell, Berkeley and Georgetown.
Major tech companies are also reportedly affected, including Amazon, Apple and Cisco. This could mean that these organizations were using Canvas to train their employees, but at this point this is pure speculation.
The deadline to pay the ransom demand is May 7, 2026, and if Instructure decides not to pay, at least 47 million students could have their sensitive data exposed to other hackers.
The company said the crooks gained access to “certain identifying information about users” at affected institutions, including names, email addresses, student ID numbers and user communications.
Passwords, dates of birth, government identifiers or financial information were not involved, and the company revoked privileged credentials and access tokens associated with affected systems to mitigate the threat.
At the same time, ShinyHunters, one of the most active ransomware groups right now, added Instructure to its data breach site, claiming to have stolen information from nearly 9,000 schools affecting 275 million individuals.
“Several billions of private messages among students and teachers and students and other involved students, containing personal conversations and other PII. Your Salesforce instance was also breached and much more other data is involved,” ShinyHunters reportedly said at the time.
Via Cyber news
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.
