Instructure settles with hackers following massive student data theft
Instructure settles with hackers following massive student data theft
Publish Date: 2026-05-13 06:19:00
Source Domain: securityaffairs.com
Instructure settles with hackers following massive student data theft
Pierluigi Paganini
May 13, 2026
Educational tech firm Instructure reached a deal with hackers after a major Canvas breach exposed data stolen from schools and universities.
Educational tech firm Instructure says it reached an agreement with the cybercrime group behind a major Canvas data theft, after attackers broke into its systems and threatened to publish stolen information from schools and universities.
Instructure is a U.S.-based educational technology company best known for developing Canvas, one of the world’s most widely used learning management systems (LMS).
The U.S. firm confirmed a cybersecurity incident that exposed users’ personal information. Canvas is widely used by schools and universities to manage courses, assignments, and online learning, raising concerns about student and staff data security.
Instructure revoked privileged credentials and access tokens, deployed security patches, rotated some keys as a precaution, and increased monitoring across systems.
“Out of an abundance of caution, we rotated certain keys, even though there is no evidence they were misused – Implemented increased monitoring across all platforms.” reads the initial Incident Report. “While we continue actively investigating, thus far, indications are that the information involved consists of certain identifying information of users at affected institutions, such as names, email addresses, and student ID numbers, as well as messages among users. At this time, we have found no evidence that passwords, dates of birth, government identifiers, or financial information were involved.”
So far, the exposed data likely includes user identifiers such as names, email addresses, student ID numbers, and some user messages.
Instructure did not share details about the attack, however,…
