By Aidan Low
June 15, 2026
In early May, a hacker group known as "ShinyHunters" hacked into the popular learning management platform Canvas, putting the data of millions of customers in danger.
The hacker group "Shinyhunters" hacked into Canvas twice between May 1st and May 7th. On May 1st, they stole 3.65 terabytes of data. This incident is considered one of the largest educational hacks in history, affecting almost 9000 schools. The hack disrupted the plans of over 275 million people, and many school districts even pushed final exams and tests back to give the students time to study.
The hackers had found a glitch in the free-for-teacher program, and this time, defaced the login screen and replaced it with a ransomware notice. Instructure (the parent company and creator of Canvas) quickly reached a compromise, which included paying a ransom. Law enforcements advise against paying ransoms, as they can fuel future hacks, but Instructure said that they paid to keep student data safe. The hackers sent Instructure their "shred logs,” which is data proving the deletion of data. However, the criminals could have made copies of the data, and there is no guarantee that the criminals will do what they said they will do after they are paid.
This isn't the first time that the hacker group ShinyHunters attacked a program used in education. In January of 2025, the hackers were responsible for infiltrating Powerschool, where most schools keep sensitive student information. They have also targeted other major institutions such as Harvard, Princeton, and the University of Pennsylvania. They tend to target apps and companies with large amounts of personal data, such as Google, Powerschool, AT&T, ADT, and other large companies.
As the world we live in uses more technology, there will likely be more attempted hacks, in numbers and scale. It is important for institutions and individuals to do all they can to keep their data safe and hackers out.