The week of May 10th, Canvas got hacked, hitting 9,000 institutions in and out of the US. The hackers threatened to publish 3.5 terabytes of data. This caused chaos, especially since students were preparing for finals.
The name of the hacking group is the ShinyHunters. They told people that 275 million individuals’ data would be leaked unless a ransom was paid by May 6th. However, the hackers extended the deadline due to some negotiating. They mentioned that even if they returned all the data, none of it would be completely erased. Everyone is hoping that Canvas turns into a stronger software so that there’s less of a chance for data to be leaked.
To get all of the data returned, the creator of Canvas made a deal with the hackers. No one knows what the deal was, but, by Monday, everyone received confirmation that everything’s deleted. Instructure said, “While there is never complete certainty when dealing with cyber criminals, we believe it is important to take every step within our control to give customers additional peace of mind to the extent possible.”
There has been more information about what the hackers actually took from people that use Canvas. They took student ID numbers, emails, addresses, names, and messages.
All data has been returned and teachers are back on track, as well as students. The owner is now working on making Canvas stronger so that it won’t get hacked again.
According to CNN, “Instructure said it is organizing a webinar with company leadership to detail information about the attack and its efforts to harden the system. The company said it expects the webinar to take place on May 13th across multiple time zones.” This shows how quick Canvas got to trying to improve their system for the sake of everyone that uses it.
All in all, the hackers won’t mess with Canvas again, but that doesn’t necessarily mean Canvas can’t get hacked by other hackers. That’s why they’re taking the initiative to help the app itself.
Did the Canvas hack reach you?
