Canvas hack: company pays criminals to delete students' stolen data
open_in_new
Read the original article: https://www.bbc.com/news/articles/cdepzg83x87o?at_medium=RSS&at_campaign=rss
psychologyDetected Techniques
warning
Loaded Language
80% confidence
Using words with strong emotional connotations to influence an audience.
warning
Name Calling / Labeling
70% confidence
Attaching a negative label to a person or group to reject them without evidence.
fact_checkFact-Check Results
13 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.
check_circle
Corroborated
6
schedule
Pending
3
info
Single Source
2
help
Insufficient Evidence
2
“The company behind the popular Canvas software... was hacked last week causing major disruption at thousands of universities and colleges”
CORROBORATED
Multiple independent web search results confirm that the company behind Canvas (Instructure) suffered a cyber-attack that disrupted thousands of schools and universities.
travel_explore
web search
NEUTRAL
— The company behind Canvas says it has "reached an agreement" with the hackers who disrupted thousands of colleges and universities.
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— International cyber attack disrupts swathe of universities and schools.Canvas access has been restored at all UC locations. UC will continue to monitor the situation as more information becomes availa…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
travel_explore
web search
NEUTRAL
— A system that thousands of schools and universities use to support instruction was back online Friday after it went down during a cyberattack that created chaos as students tried to study for final ex…
https://www.aol.com/articles/canvas-system-used-thousands-sc…
https://www.aol.com/articles/canvas-system-used-thousands-sc…
“The cyber-attack affected an estimated 9,000 institutions in the US, Canada, Australia and the UK”
CORROBORATED
Multiple sources cite the figure of approximately 9,000 institutions across the US, Canada, Australia, and the UK being affected.
travel_explore
web search
NEUTRAL
— In 2026, Instructure provided Canvas to approximately 30 million active participants at over 8,000 educational institutions in the United States, United Kingdom, Canada, Australia, New Zealand and som…
https://en.wikipedia.org/wiki/2026_Canvas_security_incident
https://en.wikipedia.org/wiki/2026_Canvas_security_incident
travel_explore
web search
NEUTRAL
— A cyberattack shut down an education platform used by universities and K-12 schools across the US Thursday, depriving students and teachers of essential classroom materials — at a time when many ...
https://www.cnn.com/2026/05/07/us/canvas-hack-strands-colleg…
https://www.cnn.com/2026/05/07/us/canvas-hack-strands-colleg…
travel_explore
web search
NEUTRAL
— Hackers have published a massive list naming Harvard, Oxford, and MIT among thousands of educational institutions allegedly caught in the expanding Canvas data breach. ShinyHunters is continuing its v…
https://cybernews.com/security/anvas-lms-breach-universities…
https://cybernews.com/security/anvas-lms-breach-universities…
“The hackers threatened to publish 3.5 terabytes of student and university data they had stolen in the breach.”
CORROBORATED
Two independent sources specifically mention the threat to publish 3.5 terabytes of stolen student and university data.
travel_explore
web search
NEUTRAL
— The cyber-attack affected an estimated 9,000 institutions in the US, Canada, Australia and the UK, with exams disrupted after the Canvas service went down. The hackers threatened to publish 3.5 teraby…
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— ShinyHunters has breached Canvas, demanding a ransom from Instructure by 12 May 2026 and threatening to leak data affecting millions of students worldwide if it is not paid.
https://www.ibtimes.com/canvas-hackers-warn-pay-leak-ransom-…
https://www.ibtimes.com/canvas-hackers-warn-pay-leak-ransom-…
travel_explore
web search
NEUTRAL
— Education technology firm Instructure says it has reached an agreement with hackers after its popular learning platform Canvas suffered a data breach that potentially exposed details of up to 275 mill…
https://ia.acs.org.au/article/2026/canvas-breach---agreement…
https://ia.acs.org.au/article/2026/canvas-breach---agreement…
“Instructure, the maker of Canvas, has now confirmed it has "reached an agreement" with the hackers”
CORROBORATED
Three separate sources confirm that Instructure has reached an 'agreement' with the hackers.
travel_explore
web search
NEUTRAL
— Education technology firm Instructure says it has reached an agreement with hackers after its popular learning platform Canvas suffered a data breach that potentially exposed details of up to 275 mill…
https://ia.acs.org.au/article/2026/canvas-breach---agreement…
https://ia.acs.org.au/article/2026/canvas-breach---agreement…
travel_explore
web search
NEUTRAL
— Instructure, the maker of Canvas, has now confirmed it has "reached an agreement" with the hackers, who have said they deleted the data and promised not to extort any students or institutions.
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— The company at the centre of a cyber attack involving online learning platform Canvas, which is used right across Australia, says it has reached an "agreement" with the hackers responsible.
https://www.abc.net.au/news/2026-05-12/canvas-instructure-ag…
https://www.abc.net.au/news/2026-05-12/canvas-instructure-ag…
“when the notorious LockBit ransomware group was hacked by the National Crime Agency, police found stolen data had not been deleted even after payments had been made.”
CORROBORATED
Both a general news report on the Canvas hack and a specific Guardian report on the National Crime Agency's operation against LockBit confirm that data was not deleted despite payments.
travel_explore
web search
NEUTRAL
— In previous cases, criminals have accepted ransom payments but lied about destroying stolen data, instead keeping it for resale. For example, when the notorious LockBit ransomware group was hacked by …
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— A recent operation by the UK’s National Crime Agency against the LockBit ransomware gang found that the group had held on to data despite saying it would delete it after receiving a payment.
https://www.theguardian.com/technology/article/2024/jun/21/w…
https://www.theguardian.com/technology/article/2024/jun/21/w…
travel_explore
web search
NEUTRAL
— That’s how ransomware gang Lockbit greets its victims. In ransom notes left on compromised systems, the Russia-linked group directs its targets to a “secret chat” link where it promises to restore the…
https://ia.acs.org.au/article/2025/exposed--how-ransom-gang-…
https://ia.acs.org.au/article/2025/exposed--how-ransom-gang-…
“The breach was discovered on 29th April and was claimed online by the prolific Shiny Hunters extortion group.”
CORROBORATED
Multiple sources confirm the breach was discovered on April 29 and claimed by the Shiny Hunters group.
travel_explore
web search
NEUTRAL
— The breach was discovered on 29th April and was claimed online by the prolific Shiny Hunters extortion group.Shiny Hunters has also claimed it breached the company again in April 2026, ahead of the 29…
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— Cybercriminal group reportedly breaches Canvas, exposing student information.ShinyHunters’ Instructure Canvas LMS and Vimeo Breaches Impact Millions of Users. 2 days ago.
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
travel_explore
web search
NEUTRAL
— How Large Was the Alleged Canvas LMS Breach? The ShinyHunters breach allegedly exposed data tied to approximately 275 million users and nearly 9,000 schools and educational institutions. However, Inst…
https://www.hexnode.com/blogs/canvas-lms-data-breach-2026/
https://www.hexnode.com/blogs/canvas-lms-data-breach-2026/
“Aubrey Palmer, a meteorology student at Mississippi State University, told the BBC that they and other students had just finished writing a 2,900‑word exam essay when a ransom message suddenly appeared on their screens.”
SINGLE SOURCE
The specific detail about Aubrey Palmer and the 2,900-word essay is only found in one of the provided web search results; other results discuss the general disruption but not this specific student's account.
travel_explore
web search
NEUTRAL
— Aubrey Palmer, a meteorology student at Mississippi State University, told the BBC that they and other students had just finished writing a 2,900‑word exam essay when a ransom message suddenly appeare…
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
travel_explore
web search
NEUTRAL
— What Is a Twitter Direct Message and How Do I Send One?
https://www.lifewire.com/twitter-dm-or-direct-message-265535…
https://www.lifewire.com/twitter-dm-or-direct-message-265535…
travel_explore
web search
NEUTRAL
— Penn State canceled certain exams scheduled for Thursday night and Friday, saying it was working with faculty to "determine next steps for final grading" and urging students to check their emails (not…
https://www.stlpr.org/npr/2026-05-08/canvas-is-back-online-b…
https://www.stlpr.org/npr/2026-05-08/canvas-is-back-online-b…
“The note read: "Shiny Hunters has breached Instructure (again)."”
SINGLE SOURCE
The provided evidence for this claim consists of general dictionary definitions of 'ransom' and an IMDb page for a movie, rather than a report of the actual ransom note content.
travel_explore
web search
NEUTRAL
— Ransom refers to the practice of holding a prisoner or item to extort money or property to secure their release. [citation needed] It also refers to the sum of money paid by the other party to secure …
https://en.m.wikipedia.org/wiki/Ransom
https://en.m.wikipedia.org/wiki/Ransom
travel_explore
web search
NEUTRAL
— The meaning of RANSOM is a consideration paid or demanded for the release of someone or something from captivity. How to use ransom in a sentence. Synonym Discussion of Ransom.
https://www.merriam-webster.com/dictionary/ransom
https://www.merriam-webster.com/dictionary/ransom
travel_explore
web search
NEUTRAL
— Ransom: Directed by Ron Howard. With Mel Gibson, Gary Sinise, Rene Russo, Brawley Nolte. Multi-millionaire Tom Mullen's son is kidnapped, but after initially agreeing to pay the ransom Mullen then dec…
https://m.imdb.com/title/tt0117438
https://m.imdb.com/title/tt0117438
“Mississippi State University later announced some exams would be postponed to allow students to recover any lost work.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results to confirm that Mississippi State University specifically postponed exams.
“The group [Shiny Hunters] has been linked to other breaches, including attacks on Jaguar Land Rover and Gucci.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results linking Shiny Hunters to Jaguar Land Rover or Gucci.
“In Telegram messages exchanged with the BBC, Shiny Hunters said it had hacked Canvas twice before last Thursday's attack.”
PENDING
“Instructure disclosed a breach in September 2025 in a post on its blog.”
PENDING
“Shiny Hunters has also claimed it breached the company again in April 2026, ahead of the 29 April attack.”
PENDING
info
Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.