Unbiased AI-powered news
Instructure took its learning platform offline on May 7 2026 after discovering unauthorized changes to login pages by an actor linked to ShinyHunters. The company restored service for most users while keeping Canvas Beta and Canvas Test in maintenance mode and investigating login issues with Student ePortfolios.
TechCrunchInstructure took its Canvas learning platform offline on May 7 2026 after it discovered unauthorized changes had been made to login pages. The company placed the service into maintenance mode and restored it for most users later the same day. Canvas Beta and Canvas Test systems remained in maintenance mode.
The company is also investigating login difficulties affecting some Student ePortfolios and temporarily shut down Free-For-Teacher accounts after determining they had been exploited.
According to the company, the unauthorized actor injected an HTML file that altered the appearance of login pages at a small number of schools. The altered pages displayed a message claiming responsibility on behalf of ShinyHunters and demanding that Instructure negotiate a settlement by the end of the day on May 12 2026 or face publication of certain data.
The message directed affected schools to consult a cyber advisory firm and contact the actors privately via TOX.
Instructure’s chief information security officer Steve Proud stated on May 2 that the information involved for users at affected institutions included names, email addresses, student ID numbers, and messages exchanged by users on the platform. The company disclosed an earlier incident on Tuesday and said last week that it had deployed patches to enhance system security.
On Wednesday the incident was marked as Resolved, with Proud writing that Canvas is fully operational and that the company is not seeing any ongoing unauthorized activity.
ShinyHunters had previously claimed responsibility for the earlier breach of Instructure and publicized it on its leak site. The group asserted that data belonging to almost 9,000 schools had been taken and that the files contained information on 231 million people, a figure later described by the group as affecting 275 million students, teachers, and other staff.
ShinyHunters published a list of schools it claims to have breached through Canvas. Both Instructure and the listed schools appeared as victims on the group’s dark web site on Thursday before those references disappeared by Thursday evening. The ShinyHunters site later became unresponsive.
Instructure said it regrets the inconvenience and concern the outage may have caused. ShinyHunters has previously claimed responsibility for attacks on Ticketmaster, AT&T, Rockstar Games, ADT, and Vercel. No publicly released evidence has documented the full scale of data exfiltration claimed by the group in either incident.
These outlets didn't split into competing frames — coverage was uniform.
news.sky.comThe European Commission is reviewing expert recommendations for phased restrictions on children's social media access. President Ursula von der Leyen said new legislation could be proposed after the summer.
The European Union sanctioned nine people and four entities on July 13, 2026. Britain sanctioned 24 people and entities the same day over a network active since 2010.
globalnews.caTwenty-two member states pledged 30 to 35 gigawatts of new capacity by 2028 under the bloc's first tripartite deal. The European Commission will oversee annual progress tracking through 2028 as part of the Affordable Energy Plan.