Instructure announced on Monday that they reached an agreement to preserve student data connected to Canvas, following a week of threats from the black-hat cybercriminal organization known as ShinyHunters.
In a status update by the company on May 11, Instructure claimed the data was returned and they received “digital confirmation” that the data was destroyed from ShinyHunters’ servers.
“While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible,” read the status update.
Additionally, the update included that “no Instructure customers will be extorted as a result of this incident, publicly or otherwise.”
Instructure added that they’ll continue to work with experts to “support forensic analysis” and that new updates will be posted through their Security Incident page.
On May 7, colleges and universities across the nation received ransom messages from an international hacking syndicate.
While Peralta district students and faculty tried to log in to their Canvas portals, they received a threatening message that claimed to leak student information and Canvas messages by May 12 if the ransom was not paid by Instructure.
The California Community Colleges Chancellor’s Office has a statewide subscription with Instructure for the use of Canvas.
The Peralta district first reported a security breach from Instructure on May 5 in a districtwide email, after being notified by the state chancellor’s office.
The email informed students of a “confirmed security incident” with Instructure between May 2 and 3, but added there was “no immediate action required” and that “[Peralta] is committed to keeping your data safe.”
The district stated that Instructure resolved the situation by using “containment measures” such as “revoking compromised credentials” and “applying security patches.”
In the same email, the district relayed that Instructure is investigating the event further with “external forensic experts” to “ensure the platform remains secure.”
On May 6, State Chancellor Sonya Christian sent an email to college presidents and to public information officers statewide to provide an update about the data breach.
“The important point is that this is a vendor-level incident affecting many institutions, not a targeted breach of any one college,” Christian wrote, also stating that the risk to the community college system “appears contained and manageable.”
Instructure CEO Steve Daly posted an apology to Instructure’s customers on the company’s incident update webpage.
“Last week, we made a call to get the facts right before speaking publicly,” Daly wrote. “We focused on fact-finding and went quiet when you needed consistent updates. […] We will change that moving forward.”
The company has since launched an “incident updates” page to keep customers informed.






















