The Canvas Hack Is a New Kind of Ransomware Debacle
·2 min read
Compiled by KHAO Editorial
— aggregated from 1 outlet + 10 references discovered via search.
See llms.txt for citation guidance.
✓ KHAO Verified
Higher education has long been a target of ransomware gangs and data extortion attacks.
Key facts
In a list published by the hackers behind the attack on their ransom-focused dark web site, they claim the breach affected more than 8,800 schools
The message from attackers “urged schools included on the affected list to consult with a cyber advisory firm and contact the group privately to negotiate a settlement before the end of the day
On Thursday that the hackers launched a secondary wave of attacks, defacing some schools' Canvas portals by injecting an HTML file to display their own message on the schools' Canvas login pages
Higher education has long been a target of ransomware gangs and data extortion attacks
Summary
The widely used digital learning platform Canvas was put into “maintenance mode” on Thursday after its maker, the education tech giant Instructure, suffered a data breach and faced an extortion attempt by attackers using the recognizable moniker "ShinyHunters. Universities like Harvard, Columbia, Rutgers, and Georgetown sent alerts to students about the situation in recent days; other institutions, including school districts in at least a dozen states, also appear to have been affected. In a running incident update log that began on May 1, Steve Proud, Instructure's chief information security officer, said that the company had “recently experienced a cybersecurity incident perpetrated by a criminal threat actor.” He added on May 2 that “the information involved” for “users at affected institutions” included names, email addresses, student ID numbers, and messages exchanged by users on the platform.