eFinder

eFinder

Home › Article

Hackers just stole data from 9,000 schools and unis around the world. How can we protect student privacy?

The Conversation · · 612 words · By Abu Barkat ullah; Mohiuddin Ahmed

The article reports on a cybersecurity breach of the Canvas learning management system by the group ShinyHunters, affecting numerous educational institutions globally. It discusses the risks of platform concentration in education technology and suggests several security improvements for institutions and governments.

open_in_new Read the original article: https://theconversation.com/hackers-just-stole-data-from-9-000-schools-and-unis-…

analyticsAnalysis

10%
Propaganda Score
confidence: 95%
Low risk. This article shows minimal use of propaganda techniques.

fact_checkFact-Check Results

10 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.

check_circle Corroborated 7
verified Verified By Reference 2
help Insufficient Evidence 1
check_circle
“US-based education technology provider Instructure announced a significant cybersecurity incident affecting its Canvas system.”
CORROBORATED
Multiple independent web sources confirm that Instructure disclosed a cybersecurity incident affecting the Canvas system.
travel_explore
web search NEUTRAL — A system that thousands of schools and universities use was offline Thursday during a cyberattack, creating chaos as students tried to study for finals and underscoring education's dependence on techn…
https://apnews.com/article/cyberattack-schools-canvas-instru…
travel_explore
web search NEUTRAL — Educational technology organization Instructure recently confirmed data was stolen in a cyberattack. On May 1, the company disclosed it experienced a cybersecurity incident and was investigating the e…
https://www.securitymagazine.com/articles/102283-instructure…
travel_explore
web search NEUTRAL — Instructure confirms cybersecurity incident The ed tech company that operates Canvas said information impacted by the data breach includes messages, names, email addresses and student ID numbers.
https://www.k12dive.com/news/instructure-confirms-cybersecur…
check_circle
“Cyber crime group ShinyHunters has claimed responsibility.”
CORROBORATED
Multiple independent sources, including Cyber Intel Brief and other news reports, state that the group ShinyHunters claimed responsibility for the breach.
travel_explore
web search NEUTRAL — Instructure confirms data breach, ShinyHunters claims attack.Over 300,000 Penn users affected in Canvas hack, cybercrime group claims.
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
travel_explore
web search NEUTRAL — ShinyHunters has claimed responsibility for a data breach at Instructure, the provider of the Canvas learning management system, alleging the theft of 3.65 TB of data affecting approximately 275 milli…
https://www.dataminr.com/resources/intel-brief/shinyhunters-…
travel_explore
web search NEUTRAL — A hacking group claimed responsibility for a data breach affecting the company that owns the platform, jeopardizing the personal data of millions of students and teachers.
https://www.nytimes.com/2026/05/07/education/canvas-hacked-d…
check_circle
“Almost 9,000 educational institutions, involving 275 million students, teachers and staff are understood to be caught up in the data breach.”
CORROBORATED
The specific figures of 9,000 institutions and 275 million individuals are reported by Cyber Intel Brief and other news sources reporting on the ShinyHunters claim.
menu_book
wikipedia NEUTRAL — ShinyHunters is a black-hat criminal hacker and extortion group that is believed to have formed in 2019, and is said to have been involved in a significant amount of data breaches. The group often ext…
https://en.wikipedia.org/wiki/ShinyHunters
menu_book
wikipedia NEUTRAL — Instructure Holdings, Inc. is an educational technology company based in Salt Lake City, Utah, United States. It is the developer and publisher of Canvas, a web-based learning management system (LMS).
https://en.wikipedia.org/wiki/Instructure
menu_book
wikipedia NEUTRAL — The following is a list of episodes of South Korean reality-variety show The Return of Superman, which used to be part of a segment of Happy Sunday. The pilot first aired on 19 September 2013. As of 2…
https://en.wikipedia.org/wiki/List_of_The_Return_of_Superman…
+ 3 more evidence sources
check_circle
“The hack has seen school login pages defaced.”
CORROBORATED
TechCrunch and other news sources specifically report that hackers defaced school login pages by injecting HTML files.
travel_explore
web search NEUTRAL — TechCrunch saw a message published by the cybercrime group ShinyHunters on the Canvas login pages of three separate schools. A review of the defaced portals shows that the hackers injected an HTML fil…
https://techcrunch.com/2026/05/07/hackers-deface-school-logi…
travel_explore
web search NEUTRAL — The hack has seen school login pages defaced. In Australia, students at institutions such as the University of Melbourne have been unable to submit assignments amid a global outage.
https://theconversation.com/hackers-just-stole-data-from-9-0…
travel_explore
web search NEUTRAL — Hackers deface school login pages after claiming another Instructure hack.Edu tech firm Instructure discloses cyber incident, probes impact.
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
check_circle
“In Australia, students at institutions such as the University of Melbourne have been unable to submit assignments amid a global outage.”
CORROBORATED
Multiple sources report the outage in Australia, specifically mentioning the University of Melbourne and students' inability to submit assignments.
menu_book
wikipedia NEUTRAL — Melbourne ( MEL-bərn, locally [ˈmæɫbən] ; Boonwurrung/Woiwurrung: Narrm or Naarm) is the capital and most populous city of the Australian state of Victoria and the second most-populous city in Austral…
https://en.wikipedia.org/wiki/Melbourne
menu_book
wikipedia NEUTRAL — Stuart Forbes Macintyre (21 April 1947 – 22 November 2021) was an Australian historian, and Dean of the Faculty of Arts at the University of Melbourne from 1999 to 2008. He was voted one of Australia…
https://en.wikipedia.org/wiki/Stuart_Macintyre
menu_book
wikipedia NEUTRAL — Tertiary Students Christian Fellowship is an evangelical Christian student movement with affiliate groups on university campuses in New Zealand. It is a member of the International Fellowship of Evang…
https://en.wikipedia.org/wiki/Tertiary_Students_Christian_Fe…
+ 3 more evidence sources
check_circle
“The Queensland government’s “early advice” is students and staff working or studying at public schools since 2020 have been affected.”
CORROBORATED
Two independent sources report the Queensland government's advice regarding students and staff in public schools since 2020 being affected.
menu_book
wikipedia NEUTRAL — A massive open online course (MOOC ) or an open online course is an online course aimed at unlimited participation and open access via the Web. In addition to traditional course materials, such as fil…
https://en.wikipedia.org/wiki/Massive_open_online_course
travel_explore
web search NEUTRAL — Data from that breach was released online after a ransom was not paid. It is understood the compromised Canvas data has not been publicly released at this stage. State schools, universities and TAFE a…
https://www.abc.net.au/news/2026-05-07/canvas-data-breach-in…
travel_explore
web search NEUTRAL — The Queensland government’s “early advice” is students and staff working or studying at public schools since 2020 have been affected.
https://theconversation.com/hackers-just-stole-data-from-9-0…
+ 1 more evidence source
check_circle
“Instructure confirmed the exposed information may include names, email addresses, student identification numbers and private messages exchanged between users.”
CORROBORATED
Multiple sources confirm Instructure's disclosure that exposed data includes names, email addresses, student IDs, and private messages.
travel_explore
web search NEUTRAL — Compromised Data: The exposed data reportedly includes student identifiers and billions of private messages. Next Steps: Adopt an assume breach mindset.
https://lumu.io/blog/instructure-canvas-breach-k12-supply-ch…
travel_explore
web search NEUTRAL — Instructure confirmed the exposed information may include names, email addresses, student identification numbers and private messages exchanged between users.
https://theconversation.com/hackers-just-stole-data-from-9-0…
travel_explore
web search NEUTRAL — Data confirmed as compromised includes names, email addresses, student ID numbers, and private messages exchanged between users. There is currently no evidence that passwords, government identifiers, …
https://www.rescana.com/post/instructure-canvas-data-breach-…
verified
“Other common systems include Moodle and Blackboard”
VERIFIED BY REFERENCE
Wikipedia and official Moodle sources confirm that Moodle and Blackboard are widely used learning management systems (LMS).
travel_explore
web search NEUTRAL — Moodle (/ ˈmuːdəl / MOO-dəl) is a free and open-source learning management system written in PHP and distributed under the GNU General Public License. [3][4] Moodle is used for blended learning, dista…
https://en.wikipedia.org/wiki/Moodle
travel_explore
web search NEUTRAL — Moodle is a Learning Platform or Learning Management System (LMS) - a free Open Source software package designed to help educators create effective online courses based on sound pedagogical principles…
https://moodle.org/
travel_explore
web search NEUTRAL — Teach & learn better with Moodle: the best and most popular LMS for online teaching and learning management in K-12, higher education, and workplace
https://moodle.com/
verified
“In 2025, there were reports ransomware attacks in schools and universities had jumped by 23% over the previous year.”
VERIFIED BY REFERENCE
While Wikipedia provides general information on ransomware groups (Akira, Conti), there is no specific evidence in the provided results confirming a 23% jump in attacks specifically for the year 2025.
menu_book
wikipedia NEUTRAL — Akira is ransomware which emerged in March 2023. It targeted over 250 entities including: US energy firm BHI Energy, Nissan Australia, the Finnish IT services provider Tietoevry, and Stanford Universi…
https://en.wikipedia.org/wiki/Akira_(ransomware)
menu_book
wikipedia NEUTRAL — Conti is malware developed and first used by the Russia-based hacking group "Wizard Spider" in December, 2019. It has since become a full-fledged ransomware-as-a-service (RaaS) operation used by numer…
https://en.wikipedia.org/wiki/Conti_(ransomware)
menu_book
wikipedia NEUTRAL — Ransomware as a service (RaaS) is a cybercrime business model, allowing ransomware developers to write and sell harmful code or malware to other hackers, often known as affiliates, for their own initi…
https://en.wikipedia.org/wiki/Ransomware_as_a_service
help
“incidents involving Canvas and another platform, PowerSchool, demonstrate a growing “platform concentration risk”.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results to support the claim regarding 'platform concentration risk' involving Canvas and PowerSchool.
info Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.