What we know about the Canvas hack impacting thousands of schools
open_in_new
Read the original article: https://krdo.com/news/2026/05/08/canvas-hack-strands-university-students-during-…
fact_checkFact-Check Results
16 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.
check_circle
Corroborated
6
schedule
Pending
6
info
Single Source
2
verified
Verified
1
help
Insufficient Evidence
1
“An apparent cyberattack shut down an education platform used by universities and K-12 schools across the US Thursday”
CORROBORATED
Multiple web search results confirm that the Canvas platform, used by K-12 and universities, shut down for several hours on a Thursday due to a cyberattack.
menu_book
wikipedia
NEUTRAL
— This is a list of Lollapalooza lineups, sorted by year. Lollapalooza was an annual travelling music festival organized from 1991 to 1997 by Jane's Addiction singer Perry Farrell. The concept was reviv…
https://en.wikipedia.org/wiki/List_of_Lollapalooza_lineups_b…
https://en.wikipedia.org/wiki/List_of_Lollapalooza_lineups_b…
menu_book
wikipedia
NEUTRAL
— Thanksgiving is a federal holiday in the United States celebrated on the fourth Thursday of November (which became the uniform date country-wide in 1941). The earliest Thanksgiving can occur is Novemb…
https://en.wikipedia.org/wiki/Thanksgiving_(United_States)
https://en.wikipedia.org/wiki/Thanksgiving_(United_States)
menu_book
wikipedia
NEUTRAL
— Jarrell Miller (born July 15, 1988) is an American professional boxer and former kickboxer. In boxing, at regional level, he held the NABA and NABO heavyweight titles from 2016 to 2017. He holds notab…
https://en.wikipedia.org/wiki/Jarrell_Miller
https://en.wikipedia.org/wiki/Jarrell_Miller
+ 3 more evidence sources
“Canvas, a popular, cloud-based digital hub for classrooms, has more than 30 million active users globally, with more than 8,000 institutions as customers, parent company Instructure says on its website.”
CORROBORATED
The specific statistics (30 million users, 8,000 institutions) are reported by multiple independent news sources and cross-references, citing Instructure's own website.
menu_book
wikipedia
NEUTRAL
— Canvas is a durable plain-woven fabric used for making sails, tents, marquees, backpacks, shelters, as a support for oil painting and for other items for which sturdiness is required, as well as in su…
https://en.wikipedia.org/wiki/Canvas
https://en.wikipedia.org/wiki/Canvas
menu_book
wikipedia
NEUTRAL
— The HTML canvas element allows for dynamic, scriptable rendering of 2D shapes and bitmap images. Introduced in HTML5, it is a low level, procedural model that updates a bitmap. The <canvas> element al…
https://en.wikipedia.org/wiki/Canvas_element
https://en.wikipedia.org/wiki/Canvas_element
menu_book
wikipedia
NEUTRAL
— Micromax Informatics is an Indian multinational manufacturer of consumer electronics and home appliances, headquartered in Gurgaon. It was established in March 2000 as an IT software company operating…
https://en.wikipedia.org/wiki/Micromax_Informatics
https://en.wikipedia.org/wiki/Micromax_Informatics
+ 4 more evidence sources
“Large public school systems and top universities like Columbia, Princeton, Harvard and Georgetown reported a ransom note signed by a hacking group had appeared on the homepage of their schools’ Canvas sites Thursday.”
CORROBORATED
Multiple sources report that prominent universities (Harvard, Columbia, etc.) were affected and that hackers defaced login pages with messages/ransom notes.
menu_book
wikipedia
NEUTRAL
— Agnes Elizabeth Ernst Meyer (née Ernst; January 2, 1887 – September 1, 1970) was an American journalist, philanthropist, civil rights activist, and art patron. Throughout her life, Meyer was engaged …
https://en.wikipedia.org/wiki/Agnes_E._Meyer
https://en.wikipedia.org/wiki/Agnes_E._Meyer
menu_book
wikipedia
NEUTRAL
— College Bowl (which has carried a naming rights sponsor, initially General Electric and later Capital One) is a radio, television, and student quiz show. College Bowl first aired on the NBC Radio Netw…
https://en.wikipedia.org/wiki/College_Bowl
https://en.wikipedia.org/wiki/College_Bowl
menu_book
wikipedia
NEUTRAL
— The early history of American football can be traced to early versions of rugby football and association football. Both games have their origin in varieties of football played in Britain in the mid–19…
https://en.wikipedia.org/wiki/Early_history_of_American_foot…
https://en.wikipedia.org/wiki/Early_history_of_American_foot…
+ 3 more evidence sources
“By late Thursday night, Instructure had announced Canvas was available again “for most users””
CORROBORATED
Two independent web sources explicitly state that Instructure announced Canvas was available again 'for most users' late Thursday evening.
menu_book
wikipedia
NEUTRAL
— The State College of Florida Collegiate School (SCFCS) is a public charter school in Florida, United States. Established in Fall 2010, it is part of and operates on State College of Florida's Bradento…
https://en.wikipedia.org/wiki/State_College_of_Florida_Colle…
https://en.wikipedia.org/wiki/State_College_of_Florida_Colle…
travel_explore
web search
NEUTRAL
— Canvas has more than 30 million active users globally, parent company Instructure says on its website, with more than 8,000 institutions as customers. Many of those students are in the middle of a bus…
https://www.yahoo.com/news/articles/canvas-hack-strands-univ…
https://www.yahoo.com/news/articles/canvas-hack-strands-univ…
travel_explore
web search
NEUTRAL
— Instructure, which provides Canvas to about half of all colleges and universities in North America, said in an alert posted on its website late Thursday that the software was available for most users.
https://www.nytimes.com/2026/05/07/education/canvas-hacked-d…
https://www.nytimes.com/2026/05/07/education/canvas-hacked-d…
+ 1 more evidence source
“A University of Washington student who tried to log into Canvas around noon Thursday was greeted by a message from the hacking group ShinyHunters, which claimed to have “breached” the platform’s parent company.”
CORROBORATED
Multiple sources confirm the hacking group ShinyHunters claimed responsibility for the breach of Instructure.
menu_book
wikipedia
NEUTRAL
— ShinyHunters is a black-hat criminal hacker and extortion group that is believed to have formed in 2019, and is said to have been involved in a significant amount of data breaches. The group often ext…
https://en.wikipedia.org/wiki/ShinyHunters
https://en.wikipedia.org/wiki/ShinyHunters
travel_explore
web search
NEUTRAL
— Instructure listed on ShinyHunters data extortion site ShinyHunters claimed that the data was stolen from Instructure via a vulnerability in their systems, which has now been patched.
https://www.bleepingcomputer.com/news/security/instructure-c…
https://www.bleepingcomputer.com/news/security/instructure-c…
travel_explore
web search
NEUTRAL
— Hacking group ShinyHunters claimed responsibility for both attacks. In the note, reported by different student news outlets, the group demanded ransoms to prevent further data leaks.
https://www.cnn.com/2026/05/07/us/canvas-hack-strands-colleg…
https://www.cnn.com/2026/05/07/us/canvas-hack-strands-colleg…
+ 1 more evidence source
“Universities across the country, including Columbia University, Rutgers, Princeton, Kent State, Harvard and Georgetown issued statements alerting students to the hack impacting institutions nationwide.”
CORROBORATED
The specific list of universities (Columbia, Rutgers, Princeton, Kent State, Harvard, and Georgetown) issuing statements is confirmed by multiple independent sources.
travel_explore
web search
NEUTRAL
— This is a list of land-grant colleges and universities in the United States and its associated territories. [1] Land-grant institutions are often categorized as 1862, 1890, and 1994 institutions, base…
https://en.wikipedia.org/wiki/List_of_land-grant_universitie…
https://en.wikipedia.org/wiki/List_of_land-grant_universitie…
travel_explore
web search
NEUTRAL
— Universities across the country, including Columbia University, Rutgers, Princeton, Kent State, Harvard and Georgetown issued statements alerting students to the hack impacting institutions ...
https://edition.cnn.com/2026/05/07/us/canvas-hack-strands-co…
https://edition.cnn.com/2026/05/07/us/canvas-hack-strands-co…
travel_explore
web search
NEUTRAL
— Several universities across the country, including Columbia University, Rutgers, Princeton, Kent State, Harvard and Georgetown had issued statements alerting students to the hack impacting ...
https://www.msn.com/en-us/education-and-learning/online-educ…
https://www.msn.com/en-us/education-and-learning/online-educ…
+ 1 more evidence source
“School districts in California, Florida, Georgia, Oklahoma, Oregon, Nevada, North Carolina, Tennessee, Utah, Virginia and Wisconsin also reported being affected.”
SINGLE SOURCE
While there is evidence of a nationwide impact and specific mentions of Kern school districts, the specific list of 11 states is not explicitly corroborated across multiple independent sources in the provided evidence.
travel_explore
web search
NEUTRAL
— Canvas hacked: Data breach affects schools using Canvas nationwide; University of Pennsylvania reportedly impacted.
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
https://news.google.com/stories/CAAqNggKIjBDQklTSGpvSmMzUnZj…
travel_explore
web search
NEUTRAL
— Kern school districts monitor Canvas cybersecurity incident. By: 23ABC News Staff.(KERO) — Both the Kern High School District and Kern Community College District are watching a cybersecurity incident …
https://www.turnto23.com/news/in-your-neighborhood/bakersfie…
https://www.turnto23.com/news/in-your-neighborhood/bakersfie…
travel_explore
web search
NEUTRAL
— Canvas LMS Mastery Connect Elevate Analytics Impact. Equella is a shared content repository that organizations can use to easily track and reuse content.
https://canvas.instructure.com/login/canvas?ref=schools_dist…
https://canvas.instructure.com/login/canvas?ref=schools_dist…
“The is the second school data breach claimed by ShinyHunters this month.”
SINGLE SOURCE
While ShinyHunters is known for multiple breaches, the specific claim that this is the 'second school data breach this month' is not corroborated by a second independent source in the provided evidence.
travel_explore
web search
NEUTRAL
— ShinyHunters is a black-hat criminal hacker and extortion group that is believed to have formed in 2019, and is said to have been involved in a significant amount of data breaches. The group has built…
https://en.m.wikipedia.org/wiki/ShinyHunters
https://en.m.wikipedia.org/wiki/ShinyHunters
travel_explore
web search
NEUTRAL
— 1 day ago · Criminal hacker and extortion group ShinyHunters claimed to have breached Canvas parent company Instructure, shutting down access to Canvas for students and faculty Thursday.
https://stanforddaily.com/2026/05/07/criminal-hacker-group-s…
https://stanforddaily.com/2026/05/07/criminal-hacker-group-s…
travel_explore
web search
NEUTRAL
— 1 day ago · In a statement to The Daily Californian, the black-hat cybercrime group ShinyHunters claims to have stolen “more than 600,000” UC Berkeley student and staff records and says it will leak t…
https://www.dailycal.org/news/campus/cybercrime-group-claims…
https://www.dailycal.org/news/campus/cybercrime-group-claims…
“On May 1, Instructure said it had “experienced a cybersecurity incident perpetrated by a criminal threat actor.””
VERIFIED
The cross-reference explicitly confirms that on May 1, Instructure reported a cybersecurity incident perpetrated by a criminal threat actor.
compare_arrows
cross reference
SUPPORTS
— On May 1, in a different attack, Instructure said it “experienced a cybersecurity incident perpetrated by a criminal threat actor” but contained the situation the next day.
https://krdo.com/news/2026/05/07/canvas-hack-strands-univers…
https://krdo.com/news/2026/05/07/canvas-hack-strands-univers…
“The company said the breach had been “contained” the next day but that user names, email addresses, student ID numbers and communications from some institutions appeared to have been exposed.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results to confirm the specific details of the May 1 breach containment or the specific types of data exposed.
“During the Canvas interruption, Instructure said Thursday it put the platform in “maintenance mode” as it investigated the issue.”
PENDING
“The group claimed responsibility for hacking Ticketmaster and attempting to sell user data on the dark web in 2024, CNN previously reported.”
PENDING
“Earlier this year, Mandiant, a cyber-intelligence firmed owned by Google, reported an increase in activity consistent with prior “ShinyHunters-branded extortion operations,””
PENDING
“In 2024, the US Department of Justice announced the sentencing of a member of what prosecutors described as a notorious international hacking crew tied to the ShinyHunters name.”
PENDING
“Authorities said a user operating under that moniker posted stolen data from more than 60 companies for sale on dark web forums”
PENDING
“James Madison University has moved its exams scheduled for Friday to Wednesday, the school said in an announcement.”
PENDING
info
Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.