Cyberattack on Canvas learning platform disrupts finals nationwide

A cyberattack by ransomware group ShinyHunters disrupted Canvas learning platform during finals week, forcing schools nationwide to postpone exams. Instructure temporarily took Canvas offline Thursday after detecting unauthorized network activity from the same threat actor behind a data breach disclosed the previous week. The breach exposed usernames, email addresses, student ID numbers, and platform messages from 275 million users across 8,800 schools, though passwords and financial data weren't compromised. Universities scrambled to respond as ransom demands appeared on login pages, encouraging schools to negotiate directly with attackers. University of Illinois postponed all weekend finals, while UMass Dartmouth rescheduled exam dates. Canvas returned online Friday morning. ShinyHunters previously targeted Snowflake cloud storage and its customers including TicketMaster.