Unbiased AI-powered news
A hacking group called ShinyHunters breached the Canvas learning management system on May 8 2026 disrupting final exams and coursework at thousands of schools and universities worldwide. The group claimed to have stolen 6.65 terabytes of data from about 9000 institutions and threatened to release it unless a ransom was paid.
Nbc NewsInstructure, the Utah-based company that operates the Canvas education platform, said it detected unauthorized activity on April 29. The company immediately revoked access, launched an investigation, engaged outside forensic experts and notified law enforcement.
On May 8, some users logging into Canvas encountered a ransom note from the group ShinyHunters demanding bitcoin payment by May 12 or the group said it would leak data. The group had claimed in a May 3 statement that it obtained about 6.65 terabytes of Canvas data from 9,000 schools worldwide.
Instructure posted an update saying the platform was available for most users, though some institutions continued reporting outages into Friday and Saturday. The company later confirmed the breach and said it took immediate steps to contain the activity.
Canvas supports more than 30 million active users. Several universities made adjustments to final-exam and coursework schedules while the outage overlapped with end-of-term deadlines. Penn State canceled exams scheduled for Thursday night and Friday at its Pollock Testing Center before restoring service Friday afternoon.
The University of Illinois postponed final exams and due work for Friday, Saturday and Sunday. Mississippi State University moved Friday final exams to Saturday after students taking a meteorology course saw the ransom note. The University of Tennessee shifted all Friday finals to Saturday.
Rutgers University canceled Friday finals on its New Brunswick campus. The University of Sydney told students Canvas was unavailable and instructed them not to log in while it awaited further guidance from Instructure. Affected institutions also included the University of British Columbia, University of Toronto, and universities in the Netherlands, Sweden and the United Kingdom.
Some students reported seeing the ransom note on their screens during exams. A meteorology student at Mississippi State said her initial reaction was that she herself had been hacked until she realized the entire class and professor had the same message.
A Rutgers sophomore studying civil engineering said Canvas handles every aspect of academic life from viewing course materials to communicating with professors and checking grades. A University of Iowa political science professor who was locked out of grading papers for nine hours used the incident as a teaching moment during a lecture on cyberattacks and modern warfare, noting that students now had personal experience with terms such as denial of service.
An MIT MBA student said the outage prompted her to weigh the convenience of centralized digital services against their security risks. The FBI issued a warning advising people not to respond to unsolicited contacts claiming to hold their data or demanding payment.
The agency stated that receiving such a message does not necessarily mean personal information has been compromised and recommended awaiting formal guidance from educational institutions.
Instructure confirmed it had brought in outside forensic experts and notified law enforcement. It remains unclear whether any ransom was paid. The group posted messages as early as May 5 stating that Instructure had not responded to its demands, which it described as not as high as might be expected.
Several universities including Harvard, the University of Chicago, UCLA, Columbia, Georgetown and the University of Cambridge adjusted deadlines or temporarily disabled access. The University of Alberta reported partial restoration with reduced functionality on Saturday.
The University of Sydney said the platform had been restored but was not yet accessible to staff or students pending further checks. Many institutions advised students to print materials as a precaution and to ignore suspicious messages.
These outlets didn't split into competing frames — coverage was uniform.
insurancejournal.comPreliminary data show every vessel that transited the waterway on July 12 did so without active tracking signals. Dark crossings have outnumbered observable passages in recent days as attacks reshape routes.
The IndependentResearchers identified the four-carbon sugar erythrulose in gas cloud G+0.693-0.027 using two Spanish radio telescopes. The finding adds to evidence that complex organic molecules form in interstellar space before stars and planets.
YonhapSK Innovation and S-Oil shares climbed more than 5 percent on July 13 after Russia halted diesel exports. The move followed Ukrainian attacks on Russian refineries and tightened global supplies.