Canvas Back Online After Cyberattack Disrupts Final Exams at Thousands of Schools

Canvas, the learning management system used by thousands of schools and universities, is back online after a cyberattack disrupted studies at a critical time-final exam week.

The hacking group ShinyHunters claimed responsibility for the breach, according to Luke Connolly, a threat analyst at cybersecurity firm Emisoft. The group posted online that nearly 9,000 schools worldwide were affected, and billions of private messages and other records were accessed.

Instructure, the company behind Canvas, confirmed in a late Thursday update the system was available for most users. By Friday, Instructure and Canvas had been removed from the group's dark web leak site.

The outage forced schools like the University of Texas at San Antonio to push back finals, and teachers scrambled for workarounds. Princeton University announced on X that “Canvas appears to be available again.”

Rich in digitized data, U.S. schools remain prime targets for hackers. Connolly noted the Canvas attack closely mirrors a breach at PowerSchool, where a Massachusetts college student was charged. ShinyHunters is described as a loose affiliation of teenagers and young adults based in the U.S. and U.K., also tied to attacks on Live Nation's Ticketmaster.