Canvas Platform Temporarily Disrupted by Cyber Incident Affecting Instructure Customers

A hacking group breached the academic software Canvas this week, taking the platform offline and disrupting an estimated 9,000 institutions in the US, Canada and Australia. The group ShinyHunters claimed responsibility for the attack, which caused Canvas to go offline and triggered ransom demands that appeared on computer screens during final exams.

A ransom note demanding payment in bitcoin appeared on screens.

It threatened to release stolen data unless Canvas or the affected universities paid a ransom in bitcoin. The same message encouraged universities to contact the hacking group privately to negotiate a settlement and avoid the release of their data. Mississippi State University announced that it was postponing Friday's final exams.

Aubrey Palmer, a meteorology student at Mississippi State University, had just finished a 2,900-word exam essay when the ransom note appeared on her screen. Palmer said her knee-jerk reaction was that she'd been hacked herself. Palmer said she was with her professor and dozens of other students who all received the same message.

She said she was so angry at the idea of having to redo her exam. Mississippi State University has been updating students by email, rescheduling exams, and advising them to ignore suspicious messages. The university described the incident as a "nationwide security incident".

The University of Sydney told students on Friday "Canvas was unavailable" and instructed students not to attempt to log in. The University of Sydney stated it is one of approximately 9000 institutions around the world impacted by this outage. It said it was still waiting for advice from Instructure.

The outage affected students' coursework and examinations at the University of Sydney. The university acknowledged how disruptive this is at a critical time in the semester. On Thursday, Idaho State University cancelled exams scheduled after 12:00 local time.

Penn State University stated that "no one has access" to Canvas and that a resolution was unlikely within the next 24 hours. Penn State University cancelled some exams scheduled for Thursday and Friday.

On Thursday evening, the University of British Columbia informed students that Canvas was unavailable due to a cyber breach of its parent company Instructure. The University of British Columbia advised students to log out immediately. The University of Toronto reported it was impacted by the breach and stated that multiple universities were affected.

Students at the University of California Los Angeles struggled to submit assignments online through Canvas. The University of Chicago temporarily disabled its Canvas page after reports that it was targeted. The Chicago Maroon posted a screenshot of a message from ShinyHunters seeking a ransom.

Jacques Abou-Rizk is a masters student at Northwestern University. He received the ransom message when he clicked a link in an email that appeared to be from a university administrator. Jacques Abou-Rizk said "I didn't know what was happening.

Northwestern University sent an email on Thursday saying it was monitoring an issue. Northwestern University's email stated it did not have an estimated restoration time for Canvas and that other IT infrastructure had not been affected. Jacques Abou-Rizk said he was still unable to access Canvas on Friday and has not heard from the university since.

He said there is definitely anxiety surrounding not only being able to complete work but also not knowing exactly what the threat is. By late Thursday, Instructure posted an update saying that Canvas was available for most users. Some universities were still reporting outages on Friday.

BBC News reported that targeted threats from ShinyHunters began on Sunday with deadlines given on Thursday and 12 May. ShinyHunters has been linked to several high-profile cyber attacks in the past, including a major hack on Jaguar Land Rover last year. On Thursday, top US Senate Democrat Chuck Schumer sent a letter to the Trump administration urging more defence against cyber risks.