Major Cyberattack Disrupts Thousands of Universities Worldwide
Canvas, the widely used educational platform, suffered a devastating cyberattack that crippled services across approximately 9,000 universities and colleges in the US, Canada, Australia, and the UK. The breach forced widespread exam disruptions and exposed sensitive student and institutional data.
Hackers Threaten to Release 3.5 Terabytes of Confidential Data
The attackers seized an immense trove of information—around 3.5 terabytes—containing sensitive details from students and academic institutions. They demanded a ransom and threatened to publicly release the stolen data, sparking alarm across the global education sector.
Instructure Strikes Controversial Deal to Protect Data Privacy
Instructure, the company behind Canvas, confirmed it has negotiated an agreement with the hackers. The cybercriminals claim to have deleted the stolen data and vowed not to extort students or educational organizations further.
While this move aims to safeguard private information, paying hackers contradicts the firm guidance of international law enforcement agencies. Experts warn that such payments can encourage future attacks and provide no guarantee that the data is truly erased.
Risks of Ransom Payments Highlighted by Past Incidents
History reveals stark risks: cybercriminals often accept ransoms without honoring promises to delete stolen data. For instance, after the National Crime Agency compromised the notorious LockBit ransomware group, investigators discovered that the stolen information remained intact despite ransom payments.
Instructure Emphasizes Commitment to Data Protection
In a public statement, Instructure underscored its unwavering priority to safeguard the personal data of students and educational staff. The company’s prompt action reflects the high stakes involved in securing academic environments from increasingly sophisticated cyber threats.
