Another Security Threat at Canvas?
Two months after Instructure made a deal with hackers to salvage troves of stolen user data, the company—which owns the popular learning management system Canvas—may have another breach on its hands. And this time, the incident is delaying Instructure’s efforts to be transparent with its customers about their compromised data.
In May, a criminal extortion group known as ShinyHunters twice hacked Canvas and claimed that it gained access to the personal identifying information of 275 million people across 9,000 institutions. At the time, the company said the leaked information included names, email addresses, student ID numbers and user messages, but it “found no evidence that passwords, dates of birth, government identifiers, or financial information were involved.”
In the aftermath, Instructure CEO Steve Daly vowed to be “transparent about what happened” and provide K–12 schools and higher education institutions “with information as quickly as we responsibly could.” Over the past two months, Instructure has worked “to conduct a detailed forensic review of the data involved in this incident,” Daly said in a memo last week.
On Tuesday, the company was set to deliver to institutions the first wave of data related to the breach.
Instead, Daly said Tuesday that the company is “pausing data delivery out of an abundance of caution” after learning that “the third-party platform we’ve selected to deliver your data may have been subject to a security threat.” (In a previous memo, Instructure said institutions would receive the data “through a secure, permissioned ShareFile link sent directly from Sharefile only to the security contact(s) your institution has designated.”)
Daly assured customers—which includes the 41 percent of higher education institutions in North America that use Canvas for course delivery—that though their “data remains secure,” the company “will proceed only when we are confident the third-party platform is safe … Security is paramount, and before we upload your data, we want to take the time to assess the platform’s safety or find an alternative.”
You may be interested

Matt Damon flabbergast Tom Holland has never seen one of the greatest films ever | Films | Entertainment
new admin - Jul 16, 2026Tomorrow marks the cinematic release of Sir Christopher Nolan’s latest blockbuster, The Odyssey. The all-star cast has been travelling the…

Claude can now use your 1Password credentials for you
new admin - Jul 16, 20261Password has launched a new browser integration for Claude that allows the Anthropic chatbot to access stored security credentials like…
Trump to allege Chinese meddling in U.S. elections during primetime speech
new admin - Jul 16, 2026President Trump's primetime speech on Thursday will include new claims of Chinese meddling in U.S. elections, sources tell CBS News.…






























