Canvas reaches deal with hackers to return data, including Hong Kong users
open_in_new
Read the original article: https://www.scmp.com/news/hong-kong/education/article/3353374/canvas-reaches-dea…
fact_checkFact-Check Results
5 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.
check_circle
Corroborated
3
info
Single Source
1
verified
Verified By Reference
1
“Canvas, the education platform hit by a global data breach affecting 72,571 Hongkongers, has reached an agreement with the hackers to return all compromised data.”
CORROBORATED
Multiple sources confirm that Instructure/Canvas reached an agreement with hackers (ShinyHunters) to return/destroy compromised data. While the specific number of '72,571 Hongkongers' is not explicitly detailed in the provided snippets, the core event of the breach and the agreement is corroborated by Wikipedia and multiple news reports.
travel_explore
web search
NEUTRAL
— Access your Canvas account to manage courses, view assignments, and engage with learning materials.
https://www.instructure.com/canvas/login
https://www.instructure.com/canvas/login
travel_explore
web search
NEUTRAL
— Official Login page for Canvas student login, School Search Canvas, Canvas Network, Canvas Community, and Canvas Free For Teacher accounts.
https://cloud.canvaslms.net/login
https://cloud.canvaslms.net/login
travel_explore
web search
NEUTRAL
— About Use Canvas to communicate with students. Design courses with a student-centered approach. Grade your students and create assignments and quizzes.
https://www.it.psu.edu/services/canvas/
https://www.it.psu.edu/services/canvas/
“Instructure, the parent company of Canvas, has said it would hold a webinar for its leadership on Wednesday to provide details of the attack and discuss measures to “harden the system”.”
SINGLE SOURCE
The provided evidence confirms the breach and the agreement with hackers, but none of the search results mention a specific 'webinar for leadership on Wednesday' or the phrase 'harden the system'.
travel_explore
web search
NEUTRAL
— Security firms and reporters have credited the May 2026 Instructure/Canvas incidents to the extortion group ShinyHunters largely on the basis of the group’s public claims, the publication of victim li…
https://factually.co/fact-checks/technology/instructure-canv…
https://factually.co/fact-checks/technology/instructure-canv…
travel_explore
web search
NEUTRAL
— Air France and KLM notify customers of data breach exposing names, contact details, and Flying Blue numbers through third-party provider hack.
https://cybernews.com/security/air-france-klm-customer-data-…
https://cybernews.com/security/air-france-klm-customer-data-…
travel_explore
web search
NEUTRAL
— The explosion of AI across every industry has seen hundreds of water- and power-hungry server farms sprout up across the US. Already, one-third of the world'...
https://www.youtube.com/watch?v=t-8TDOFqkQA
https://www.youtube.com/watch?v=t-8TDOFqkQA
“The breach, which has been unfolding since last Thursday, is estimated to have affected about 9,000 institutions worldwide.”
CORROBORATED
Two independent sources specifically mention the figure of nearly 9,000 schools/institutions affected by the ShinyHunters breach of Instructure/Canvas.
travel_explore
web search
NEUTRAL
— Some schools are warning users not to log back into Canvas yet, after a ransomware group claimed credit for a data breach. Half of North America's higher education institutions use the platform.
https://www.npr.org/2026/05/08/nx-s1-5815956/canvas-data-bre…
https://www.npr.org/2026/05/08/nx-s1-5815956/canvas-data-bre…
travel_explore
web search
NEUTRAL
— “ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some ‘security patches’,” the note reads. The group advised affected schools to consult s…
https://cybernoz.com/shinyhunters-claims-nearly-9000-schools…
https://cybernoz.com/shinyhunters-claims-nearly-9000-schools…
travel_explore
web search
NEUTRAL
— Affected student Aubrey Palmer. The note read: "Shiny Hunters has breached Instructure (again)." It threatened to release stolen data unless a ransom was paid in bitcoin by Canvas or affected universi…
https://www.bbc.com/news/articles/cdepzg83x87o
https://www.bbc.com/news/articles/cdepzg83x87o
“In a statement on its website, Instructure said it had reached an agreement with the attacker that included the return and destruction of any data stored by the hackers.”
VERIFIED BY REFERENCE
Wikipedia explicitly states that on May 11, Instructure announced they reached an agreement with hackers for the return and destruction of compromised data. This is further corroborated by other news sources.
travel_explore
web search
NEUTRAL
— On May 11, Instructure issued an apology for their lack of transparency and announced that they have reached an agreement with the hackers for an undisclosed amount and that the compromised data was d…
https://en.wikipedia.org/wiki/2026_Canvas_security_incident
https://en.wikipedia.org/wiki/2026_Canvas_security_incident
travel_explore
web search
NEUTRAL
— The maker of the Canvas school software said it "reached an agreement" with the hackers, but provided no guarantees that the hackers would not release the data or keep their word.
https://techcrunch.com/2026/05/12/instructure-strikes-deal-w…
https://techcrunch.com/2026/05/12/instructure-strikes-deal-w…
travel_explore
web search
NEUTRAL
— The agreement, Instructure said in a statement, involved the return of the stolen data and confirmation that the data had been destroyed at the hackers' end.
https://www.nytimes.com/2026/05/12/us/canvas-instructure-hac…
https://www.nytimes.com/2026/05/12/us/canvas-instructure-hac…
““We have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise,” it said.”
CORROBORATED
The exact quote 'no Instructure customers will be extorted as a result of this incident, publicly or otherwise' appears in multiple independent reports citing Instructure's statement.
travel_explore
web search
NEUTRAL
— The data breach involved the theft of large amounts of data, including student ID numbers, email addresses and messages on the learning platform. What's next?Instructure says all data accessed has bee…
https://www.abc.net.au/news/2026-05-12/canvas-instructure-ag…
https://www.abc.net.au/news/2026-05-12/canvas-instructure-ag…
travel_explore
web search
NEUTRAL
— According to the company, all data was returned, it received digital confirmation of data destruction, and it was told that "no Instructure customers will be extorted as a result of this incident, pub…
https://www.techlicious.com/blog/canvas-shinyhunters-ransom-…
https://www.techlicious.com/blog/canvas-shinyhunters-ransom-…
travel_explore
web search
NEUTRAL
— Instructure said it received digital confirmation of the data’s destruction, called “shred logs,” from the hacking group, the company said. “We have been informed that no Instructure customers will be…
https://edition.cnn.com/2026/05/12/us/canvas-hack-data-retur…
https://edition.cnn.com/2026/05/12/us/canvas-hack-data-retur…
info
Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.