Canvas Has Been Hacked, and Is Apparently Being Held for Ransom

By Eleonore Christiansen on May 8, 2026

Canvas, the cloud-based learning management system used by more than 8,000 colleges and universities, including all top ten colleges in the U.S., is being held for ransom. A group called Shinyhunters has claimed responsibility for the hack and has given Canvas’ parent company, Instructure, until May 12 to reach a settlement, or else “everything is leaked.”

Canvas outages have been reported nationwide

There’s no word on how many schools have been affected, but reports of students being unable to access Canvas are coming in from universities and colleges all over the country. Over the last half an hour, complaints of Canvas being down have gone from nearly none to over 8,000 on Down Detector.


Credit: Stephen Johnson

A similar breach of Instructure took place in late April or early May, and the company confirmed that names, email addresses, student ID numbers, and private messages exchanged between users were exposed by Shinyhunters, but said there was no evidence of compromised passwords, dates of birth, social security numbers, or financial information.

Instructure updated its software on May 2, saying that it had deployed patches, increased monitoring, and taken other measures meant to contain the damage, a fact referenced by ShinyHunters in the message left for Canvas users:


What do you think so far?


Credit: Stephen Johnson

The hacker group claimed its previous hack added up to over 3 terabytes of data, affecting 275 million students, teachers, and others at close to 9,000 educational institutions. Whether this latest breach will be that large remains to be seen.

What to do if you’re affected by the Canvas outage

While the threat is presumably being resolved, here are some steps students and faculty can take to make their digital data more secure on Canvas.

  • Change your password: If you can log in, change your Canvas password. If you use the same password for banking, email, and other places, change those as well.

  • Enable Multi-Factor Authentication (MFA): This adds an extra layer of security.

  • Beware of phishing emails: If email addresses were compromised, hackers may send highly targeted emails to students. Be suspicious of any messages asking you to install software or share account information.

  • Monitor your credit: It’s unknown whether financial information was part of the hack, but giving your credit report a check wouldn’t hurt.

Related Posts

Venom and Hot Peppers Offer a Key to Killing Resistant Bacteria

Billie Eilish Doesn’t Know if There Will Ever Be Another Billie Eilish

Candace Cameron Bure’s Daughter Natasha Bure Is Pregnant | E! News

Sabrina Carpenter walked in to “Cats: The Jellicle Ball” and dream-came-trued it for us. 😍

Barack Obama compares Larry David to ‘world’s most troublesome leaders’ in trailer for brand spanking new sketch present

Kelly Clarkson Rejoining The Voice for Season 30 | E! News

We’re flipping out over Quenlin Blackwell on the “Billie Eilish: Hit Me Hard And Soft” carpet. 😂