Instructure reaches a deal with the hackers who breached its Canvas edtech platform to return stolen data and destroy copies, without saying what it exchanged
Instructure, which provides Canvas software to thousands of schools and universities around the world, did not say what it had given …
New York Times Qasim Nauman
Related Coverage
- Security Incident Update & FAQs Instructure
- Canvas breach: ‘Agreement’ made with hackers over stolen data Information Age · Tom Williams
- Company behind Canvas makes deal with hackers; Says stolen data was destroyed nltimes.nl
- Instructure Canvas hack update: Breach involved a specific teacher account type and interrupted finals Mashable · Matt Binder
- Instructure reaches ‘agreement’ with ShinyHunters to stop data leak BleepingComputer · Sergiu Gatlan
- Canvas parent settles with hacker group that stole user data Silicon Republic · Suhasini Srinivasaragavan
- Canvas hack: company pays hackers to delete students' stolen data BBC · Joe Tidy
- Deal reached with hackers to delete data stolen from the Canvas educational platform Associated Press · Kelvin Chan
- Cabrillo College, UCSC among schools affected by nationwide cyberattack Lookout Santa Cruz · Hillary Ojeda
- Instructure Reaches Deal With Hackers to Return Canvas User Data Bloomberg
- Instructure pays ransom after Canvas incident as Congress announces investigation The Record · Jonathan Greig
- Instructure strikes deal with hackers who breached it twice TechCrunch · Zack Whittaker
- Instructure forms deal with ShinyHunters who promise to destroy stolen Canvas data Metacurity · Cynthia B Brumfield
- Canvas owner reaches ‘agreement’ with hackers to secure stolen data The Verge · Jess Weatherbed
- Canvas Developer Indicates That It Paid Hackers to Delete Stolen Data PCMag · Michael Kan
- Instructure took a risky approach to recover stolen Canvas data Help Net Security · Sinisa Markovic
- Deal reached with hackers after Canadian universities hit by security breach Global News · Aaron D'Andrea
- Educational system Canvas says it reached a deal with hackers to delete stolen data Washington Examiner · Claire Carter
- Data stolen in Canvas hack that hit thousands of schools has been returned, company says KEYT-TV
- Canvas hackers reach deal with Instructure Insurance Business · Jonalyn Cueto
- Canvas owner reaches agreement with ShinyHunters, says user data was deleted CyberInsider · Amar Ćemanović
- Deal reached with hackers to delete data stolen from the Canvas educational platform Associated Press
- Update on Security Breach involving Canvas Canvas · Priscilla Hockin Brown
- Edtech giant Instructure strikes deal with ShinyHunters hackers prior to ransomware deadline Mashable · Matt Binder
- Canvas' parent company reaches agreement with hacking group behind recent breach Reuters
- Instructure, company behind Canvas learning platform, reaches deal with hackers to recover data Washington Times · Brad Matthews
- ‘Agreement’ with hackers resolves data breach on Canvas learning platform Straight Arrow News · Mikael Thalen
- Data stolen from Canvas returned, parent company says UPI · Lisa Hornung
- Data stolen in Canvas hack that hit thousands of schools has been returned, company says CNN
- Canvas parent firm reaches deal with hackers after massive breach The American Bazaar · Jayujyoti Mullick
- Deal Reached With Hackers To Delete Data Stolen From The Canvas Educational Platform SecurityWeek
- Deal reached with hackers to delete data stolen from the Canvas educational platform Livemint
- Latest Canvas Attack Shows Schools Still Struggle With Cybersecurity EdSurge
- Canvas Just Resolved a Major Hack. Here's How Your Company Can Avoid the Same Fate Inc · Chloe Aiello
- Canvas's owner strikes deal with hackers who disrupted thousands of schools Washington Post
- Deal reached with hackers to delete data stolen from the Canvas educational platform Associated Press · Kelvin Chan
- Canvas owner reaches ‘agreement’ with threat actors after data breach K-12 Dive · Anna Merod
- Canvas Hack Aftermath: Owner Instructure Reaches Deal With Hacker Group CNET · Tyler Graham
Discussion
-
@ubc
@ubc
on x
URGENT: Canvas is unavailable due to a cyber breach involving Instructure, the provider of Canvas. UBC community members should not log into Canvas until further notice. If you are logged in, please log out now and change your CWL password immediately. For more, click here: [imag…
-
@racheltobac
Rachel Tobac
on x
Whoa, Instructure (who owns Canvas) says they came to an agreement with the cyber criminals (typically this means a ransom was paid) in exchange for the stolen data being deleted instead of leaked and criminals ceasing all extortion requests from customers. Huge development. [ima…
-
@racheltobac
Rachel Tobac
on x
Canvas is hacked and stressing out 230+ Million students, teachers and staff during finals. What does this mean and how do we stay safe? What are the next steps for the 8,800 affected schools during finals. Answered below in my video: [video]
-
@troyhunt
Troy Hunt
on x
Wow, kinda stunned to see that level of transparency after (presumably) paying a ransom. This was such a high-profile incident with so many eyes on it, it's like a playbook for extortionists now. [image]
-
@racheltobac
Rachel Tobac
on x
This morning Instructure claims their “Free-For-Teacher” accounts have been temporarily shut down because the attackers leveraged “that pathway” for the cyber attack. Here are the details of the incident that have been released by Instructure so far: https://www.instructure.com/ …
-
@warriors_mom
@warriors_mom
on x
Instructure CEO apologizes after Canvas cyberattack causes data breach: Canvas is now fully back online and available, according to an update from the company. https://www.msn.com/...
-
@racheltobac
Rachel Tobac
on x
This agreement (ransom payment) comes 1 day before the May 12 ransom deadline ShinyHunters published. ShinyHunters claimed they stole billions of private and sensitive messages between teachers/students and PII, and apparently that won't be leaked now. https://www.instructure.com…
-
@darkwebinformer
@darkwebinformer
on x
‼️ Instructure has updated their security incident page with further information. https://www.instructure.com/ ... They state ShinyHunters exploited an issue related to their Free-For-Teacher accounts and have shut it down temporarily. [image]
-
@mrarenge
Andrew Arenge
on x
Seems like an important update for all of those folks at colleges and universities that were impacted by the Canvas hack. The Daily Pennsylvania is reporting that Instructure, the parent company of Canvas, paid the requested ransom to get the system turned back on
-
@ddimolfetta
David DiMolfetta
on x
Woah! Canvas parent company Instructure says it “reached an agreement with the unauthorized actor involved in this incident.” Sounds like a ransom was paid: https://www.instructure.com/ ... [image]
-
@jasmineni_
Jasmine Ni
on x
NEW: A ShinyHunters spox confirmed to me that Instructure has paid the requested ransom for the Canvas hack, and that “the data is gone.” The company released an update today stating they had “reached an agreement with the unauthorized actor involved in this incident.”
-
@racheltobac
Rachel Tobac
on x
There's many people that feel ransomware payments perpetuate & fund cyber criminal activity. Then there's other folks who argue that not paying the ransom puts customer data in harms way and leads to customer extortion. There's lots of opinions on whether this is right or wrong.
-
@aucyberseccoord
@aucyberseccoord
on x
Today the National Office of Cyber Security facilitated a briefing across the education sector to enable Instructure to update all stakeholders on the cyber incident impacting its Canvas learning management system globally. Instructure advised it has undertaken a broad range of […
-
@hypervisible.blacksky.app
@hypervisible.blacksky.app
on bluesky
Instructure said in a statement, that the deal “involved the return of the stolen data and confirmation that the data had been destroyed at the hackers' end. Instructure added that it had been informed that none of its customers would face extortion as a result of the theft.”
-
@bachynski
Kathleen Bachynski
on bluesky
So... does this mean Canvas paid the hackers? “We understand how unsettling situations like this can be, and protecting our community remains our top priority. With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incide…
-
Gabrielle Hempel
Gabrielle Hempel
on linkedin
I am not a fan of the precedent this sets; however, probably the right call as the damages from class action will exceed whatever they are paying right now. …
-
Owen L.
Owen L.
on linkedin
Instructure paid the ransom. — 275M records. Names, school emails, student IDs, some messages. No SSNs. No financials. No passwords. …
-
@gumnos@mastodon.bsd.cafe
Tim Chase
on mastodon
So let me get this straight. — Instructure (the company behind the Canvas educational platform)¹ — • has paid the ransomware demands, so the bad actors have continued incentive and resources to provoke — • believes the claims that all the stolen data has been “shredded” …