Canvas Cyberattack Disrupts Global Education; CSA Steps In

A sophisticated cyberattack on the education platform Canvas has sent ripples through academic institutions worldwide. The Cyber Security Agency of Singapore (CSA) confirmed it has contacted affected organizations to offer mitigation support and guidance.

Canvas, a critical tool owned by US edtech firm Instructure and used by schools and universities for grades and course materials, went offline Thursday, blocking student and faculty access globally.

The Singapore Institute of Management (SIM) acknowledged being hit by the breach, stating it caused “inconvenience and concern.” In response, SIM is implementing temporary measures, including sending Zoom lesson links directly to students and extending assignment deadlines.

According to Instructure, unauthorized activity was first detected on April 29, leading to an investigation and the hiring of outside forensic experts. On May 7, additional unauthorized activity was spotted, forcing the company to take Canvas offline into maintenance mode.

Instructure confirmed a data leak involving users' personal information-names, email addresses, student IDs, and internal messages. The company stated there is no evidence that passwords, birth dates, government IDs, or financial data were compromised.

Security firm Emsisoft identified the hacking group ShinyHunters as the perpetrator. Described as a loose affiliation of US and UK-based teenagers and young adults, the group has also been linked to the recent Live Nation/Ticketmaster breach.

Instructure has notified US law enforcement, including the FBI, and has enhanced cybersecurity measures by shutting down Free-for-Teacher accounts and revoking privileged credentials. The system is now fully back online.