Education tech giant Instructure's Canvas platform was defaced by hackers this week, who published a message threatening to release stolen student data on May 12 if the company doesn't "negotiate a settlement". The hackers, who claim responsibility for the breach, injected an HTML file into the login screens of at least three schools' portals. This is the second apparent hack on Instructure's systems this year, following a previous breach in which hackers claimed to have stolen data from almost 9,000 schools worldwide, affecting over 231 million people.
The hackers, known as ShinyHunters, published a message on the Canvas login pages saying they will release the stolen data unless Instructure pays them. The company's website was partially down at the time of writing, with some users receiving an error message saying it was "currently undergoing scheduled maintenance". Instructure did not immediately respond to requests for comment.
The defacement is likely an attempt by ShinyHunters to pressure Instructure and its customers into paying a ransom. The hackers have followed this playbook in previous hacks, compromising countless victims over the last couple of years.
ShinyHunters claims that the current breach is separate from the original hack earlier this year. However, the exact nature of the compromise remains unclear, with the hackers refusing to comment on specifics.
