// CanvasCRITICAL
ShinyHunters breached Instructure Canvas LMS in April 2026, stealing 3.65TB of data affecting approximately 275 million user records across 9,000 educational institutions. The threat group demanded ransom and disclosed the breach using the FFT vector. Canvas is widely deployed across schools and universities globally.
- Canvas Data Breach: How to Stay Safe If Your Info Was Leaked(opens in a new tab)
- Canvas Data Breach: Data Privacy Implications for IHEs(opens in a new tab)
- Canvas Data Breach: Rethinking Cybersecurity for Education(opens in a new tab)
- Will schools answer the Canvas breach’s wake-up call?(opens in a new tab)
// Get alerts for Canvas