Canvas Online Platform Restored After Data Breach Affecting Schools
The online education platform Canvas was taken offline on Thursday following a data breach claimed by the ShinyHunters group. Instructure, the platform's parent company, confirmed the incident involved names, email addresses, student IDs and messages but no passwords or financial data. Many schools delayed final exams and advised users not to log in immediately while they review security.
The online education platform Canvas was restored to service on Thursday after it was taken offline due to a data breach. Instructure, the company that operates Canvas, said the platform is now fully back online and available for use. The outage occurred during the final exam period for many schools.
Instructure confirmed a series of cybersecurity incidents this week. The company said it first detected unauthorized activity in Canvas on April 29. It took the platform offline on Thursday after the actor made changes that appeared for some logged-in users.
The breach affected identifying information including names, email addresses, student ID numbers and user messages. No passwords, birth dates, government identifiers or financial information were involved, according to Instructure. The company temporarily shut down Free-for-Teacher accounts that the actor had exploited.
Thirty million users rely on Canvas, including at half of all higher education institutions in North America. The platform is used to manage courses, submit assignments, view grades and handle communication. Schools in the K-12 system were also affected.
A group known as ShinyHunters claimed responsibility for the breach. The group said an initial breach on Saturday involved data including private messages from 275 million students, teachers and staff at nearly 9,000 schools worldwide. ShinyHunters had previously taken credit for a Ticketmaster data breach in 2024.
The group posted on a threat intelligence website that affected schools could prevent data release by consulting cyber advisory firms and negotiating settlements through the encrypted chat platform Tox. It set a deadline of the end of the day on May 12, 2026, after which material would be leaked.
Instructure has not said whether it paid any ransom or reached any agreement with the group. It is not clear what the restoration of access means for the May 12 deadline.
Not all institutions restored access immediately. Penn State University said Friday morning that while access had been partially restored, the system was not yet ready for use. Technical teams are preparing the system and will bring integrations back online in phases.
The University of California said across its schools that Canvas access would not be restored until officials are confident the system is secure. Montgomery County Public Schools in Maryland said it is continuing to test and review systems before restoring access.
The University of Amsterdam, one of 44 Dutch educational institutions affected, recommended that people change passwords on any other sites where they reuse the same credentials. Several schools warned users to watch for phishing messages requesting login information.
Several universities postponed or canceled final exams because of the outage. The University of Illinois is postponing all final exams and assignments scheduled through Sunday. Penn State canceled certain exams scheduled for Thursday night and Friday.
Baylor University delayed Friday exams and asked faculty to send study materials from their local computers to students. Damon Linker, a senior lecturer in political science at the University of Pennsylvania, said students panicked when they could not access course materials for a Monday final.
Linker noted that most students do not have readings printed out or saved locally. He said he would have uploaded materials to another platform if Canvas had not returned by Friday morning. Security experts recommend that users enable multi-factor authentication, use a password manager and verify suspicious communications through another channel.
Schools continue to review systems before fully resuming access.
Story Timeline
- April 29, 2026: Instructure detected unauthorized activity in Canvas. (Source: NPR)
- Saturday 2026: ShinyHunters said it initially breached Instructure data. (Source: NPR)
- Thursday 2026: Canvas taken offline after actor made changes for logged-in users. (Source: NPR)
- Thursday evening 2026: Instructure restored Canvas for most users. (Source: NPR)
- Friday 2026: Multiple universities reported partial or delayed Canvas restoration and postponed exams. (Source: NPR)
Potential Impact
- Several universities postponed final exams scheduled for Thursday through Sunday.
- Schools are reviewing systems and delaying full Canvas restoration for security verification.
- Users face increased risk of phishing attacks impersonating Canvas or school officials.
- Some faculty are considering keeping offline grade records separate from the platform.