Canvas, a popular cloud-based digital hub for classrooms, has recently been hacked by cybercriminals, who claimed to have stolen sensitive data from thousands of schools. According to the latest reports, the various schools affected by the attack have independently reached out to the hackers to negotiate terms.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
Canvas Hackers Threaten Payment or Data Leak
A hacker group called ShinyHunters, described as a group of young adults based in the U.S. and U.K., has broken into Canvas’s systems. The first signs of trouble appeared on April 29, when Instructure, the firm behind Canvas, found unusual activity on the platform. However, the situation got much worse by May 7, during final exams at colleges and universities across the U.S.
Rather than finding their class materials, students logging into Canvas were greeted by a ransom note from the hackers. They said, “This is a final warning to reach out by 6 May 2026 before we leak, along with several annoying (digital) problems that’ll come your way.”
Notably, Instructure, the company behind Canvas, revealed that the attackers had gained access to its systems through a flaw in their Free-For-Teacher accounts. They immediately shut down the accounts to plug the hole.
Instructure has said that the information stolen by the attackers includes emails, student ID numbers, and messages between teachers and students. However, they noted that there is no evidence that passwords, dates of birth, government IDs, or financial data were stolen.
Canvas Attack Affects Nearly 9,000 Schools
Nearly 9,000 schools across regions, including the U.S., U.K., New Zealand, Sweden, Australia, and the Netherlands, are reportedly victims of the ShinyHunters hack.
The timing of the attack was also quite brutal, as students in many schools were preparing for finals week. Some of the major schools affected include Harvard, Columbia, Princeton, Rutgers, Georgetown, and the University of Michigan.
Despite the hack, Instructure’s status page still shows 100% uptime and no issues, even though the outage was very public and widely reported. The ShinyHunters also said that, instead of making contact, Instructure ignored them and only made some security patches to their platform.
They have extended the deadline of their threat, warning that schools now “have till the end of the day by 12 May 2026 before everything is leaked.”
Is KKR a Good Buy Right Now?
Instructure, the creator of Canvas, a private company, was acquired by KKR & Co. Inc. (KKR) and Dragoneer in November 2024 for $4.8 billion. The KKR stock is currently rated a Strong Buy by Wall Street analysts tracked by TipRanks. The stock has a projected price target of $125.36, implying a more than 22.3% upside. For more information about KKR’s ratings and performance metrics, visit the TipRanks Stocks Comparison Center.
