Advertisement Subscribe to our weekly newsletter. Subscribe Close Cybersecurity ShinyHunters claims nearly 9,000 schools affected by Canvas data breach The group that stole data from Instructure users claims that it will release the data of students from nearly 9,000 education institutions around the country. By Colin Wood May 7, 2026 Listen to this article 0:00 Learn more. This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. (Getty Images) ShinyHunters, the prolific criminal hacker and extortion group, on Thursday provided additional details about its recent breach of Canvas, the learning management system developed by Instructure, with hopes of coaxing payments from some of the nearly 9,000 educational institutions it claims are affected. After announcing on May 1 that it had exfiltrated several terabytes of data containing the personal information of 275 million users, it announced a deadline of Thursday before “everything is leaked and there will be no chance at a negociation for anyone. Instructure has not even bothered speaking to us to understand the situation or to even negociate with us to prevent the release of this data. Our demand was not even as high as you might think it is.” On Thursday, the group presented to Canvas users a second message and extended the deadline for payment until May 12. “ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some ‘security patches’,” the note reads. The group advised affected schools to consult security professionals and use the Tox messaging protocol to negotiate a “settlement.” The attached list of affected institutions includes many school districts, along with well-known universities, including Cambridge, Columbia, Cornell, Georgetown, Harvard, MIT and UC Berkeley. Advertisement There are mixed reports of exactly which organizations are affected and what sort of data is included in the breach. Tech Radar reported that affected data includes names, email addresses, student ID numbers and user communications, but that passwords, dates of birth and financial information were not involved. Written by Colin Wood Colin Wood is the editor in chief of StateScoop and EdScoop. He’s reported on government information technology policy for more than a decade, on topics including cybersecurity, IT governance and public safety. In This Story Canvas cybersecurity data breach Instructure ShinyHunters Share Facebook LinkedIn Twitter Copy Link Advertisement Advertisement More Like This Northwood University receives NSA cyber excellence accreditation By EdScoop Staff Threat actor hijacked subdomains at 30+ major universities, researcher found By EdScoop Staff How account takeover is reshaping higher-ed cyber risk By Scoop News Group Advertisement Advertisement More Scoops (Getty Images) University of Sydney data breach exposed personal information of 27,000 individuals University leaders said they're still seeking to understand the extent of a data breach that implicated thousands of current and former students, faculty and affiliates. By EdScoop Staff Latest Podcasts CIO Matt Gunkel on how gen AI is transforming UC Riverside Finding the right place for generative AI in the classroom New REN-ISAC director wants to build ‘trust community’ New classroom designs ‘the future of learning,’ Higher Education Hundreds oppose effort to make Central Connecticut State University a polytechnic school Rasmussen University replaces Blackboard with Brightspace University at Buffalo to reuse heat from supercomputing center New Mexico Junior College expands use of ZeroEyes weapon-detection system K-12 Data privacy advocates wary of school surveillance technology shortcomings Teacher gender matters in classroom AI policy, USC researchers find Instructure announces AI tutoring partnership with Khan Academy IBM expands tech training network with 45 new partnerships Cybersecurity Harvard faces 'active and specific cybersecurity threat' Ransomware group claims it stole data from Monmouth University University of Cincinnati hosts cybersecurity career fair U. Hawaii Cancer Center confirms data compromised Hybrid Learning 5G: Making the connection for greater student and faculty success 2U and edX reached 73 million learners, report says Online Learning Consortium launches mental health initiative Students prefer online learning, survey finds