{"id":26465,"date":"2026-05-09T13:01:24","date_gmt":"2026-05-09T13:01:24","guid":{"rendered":"https:\/\/www.europesays.com\/news\/26465\/"},"modified":"2026-05-09T13:01:24","modified_gmt":"2026-05-09T13:01:24","slug":"canvas-outage-wreaks-havoc-for-students-during-college-finals","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/news\/26465\/","title":{"rendered":"Canvas outage wreaks havoc for students during college finals"},"content":{"rendered":"

Schools and universities across the country are recovering from an outage that knocked down Canvas<\/a>, an online platform that manages exams, course notes, lecture videos and grades. The disruption tied to a cyberattack hit in the middle of finals period for many colleges, a high-stress time when students and instructors rely heavily on the platform.<\/p>\n

By late Thursday, Instructure, the parent company of Canvas, said the platform was available again<\/a> to most users.<\/p>\n

The hacking group ShinyHunters claimed responsibility for the breach, said Luke Connolly, a threat analyst at the cybersecurity firm Emsisoft. On Friday, Instructure and Canvas no longer appeared on a site where ShinyHunters lists its targets.<\/p>\n

Some schools, however, have continued to block students and teachers from accessing Canvas, citing an abundance of caution while assessing security threats.<\/p>\n

Here\u2019s what to know about the outage.<\/p>\n

What is Canvas?<\/p>\n

Schools and universities use Canvas to manage nearly all aspects of instruction. The platform acts as a gradebook, a hub for digital lectures and course materials, a discussion board for classroom projects, and a messaging platform between students and instructors.<\/p>\n

Some courses also give quizzes and exams on the platform, or use it as a portal where final projects and papers are submitted on deadline.<\/p>\n

Who is ShinyHunters?<\/p>\n

ShinyHunters is a loose association of teenage and young adult hackers in the U.S. and the United Kingdom who have been linked to other large-scale cyberattacks, including one on Ticketmaster<\/a>, Connolly said. On the page listing their targets, the group describes itself as \u201crooting your systems since \u201819,\u201d using a term for accessing a computer system\u2019s deepest layer.<\/p>\n

Earlier this week, ShinyHunters said that nearly 9,000 schools and 275 million individuals\u2019 data could be leaked if schools did not pay the ransom by a deadline of May 6. The group then extended the deadline, indicating some schools had engaged with them to negotiate.<\/p>\n

In a statement posted to ShinyHunters\u2019 ransomware site, the group said it would not be commenting on the incident. <\/p>\n

Schools and universities, rich in personally-identifiable information on students, teachers and employees, have become prime targets for criminal hackers in ransomware attacks. Targets can be individual districts, like the Minneapolis Public Schools<\/a> or Los Angeles Unified School District<\/a>, or external vendor platforms like Canvas or PowerSchool that education systems increasingly rely on to manage schedules, courses and exams.<\/p>\n

The impact on students<\/p>\n

Though most schools seem to have restored access to Canvas, the disruptions to finals period are likely to ripple throughout the week.<\/p>\n

The University of Massachusetts at Dartmouth said that it would postpone exams scheduled for Friday and Saturday to ensure students had time to review course materials that would not have been accessible during the shutdown.<\/p>\n

The University of Illinois postponed all exams that were scheduled to take place Friday, Saturday or Sunday for all classes, regardless of whether the courses utilized Canvas.<\/p>\n

And Montgomery County Public Schools in Maryland continued to limit access to Canvas on Friday, citing an abundance of caution \u201cwhile we work to better understand the full impact of the incident and any potential vulnerabilities involving information connected to the platform.\u201d<\/p>\n

Should students be worried about data privacy?<\/p>\n

The data breach appeared to involve student ID numbers, email addresses, names and messages on the Canvas platform, Instructure\u2019s chief information security officer, Steve Proud, said in an update shared May 2. He said the company had not found evidence that passwords, dates of birth, government identification or financial information were compromised.<\/p>\n

Even with Canvas back online, cybersecurity experts are urging impacted students and educators to stay alert.<\/p>\n

Other bad actors could try and take advantage of the breach\u2019s aftermath through additional phishing attacks. Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, warns that someone impersonating a school district, for example, could send a malicious message prompting users to reset their Canvas password.<\/p>\n

\u201cBe very suspicious of any inbound messages,\u201d Steinhauer said, particularly if urgent action is requested. <\/p>\n

Experts stress that major breaches are an important reminder for consumers to revisit best \u201ccyber hygiene\u201d practices overall.<\/p>\n

The basics include creating hard-to-guess passwords, using multifactor authentication<\/a> when possible and monitoring online accounts for any suspicious activity. In addition, the Federal Trade Commission notes<\/a> that nationwide credit bureaus \u2014 such as Equifax, Experian and TransUnion \u2014 offer free credit freezes and fraud alerts that consumers can set up to help protect themselves from identity theft and other malicious attacks. <\/p>\n

___<\/p>\n

The Associated Press\u2019 education coverage receives financial support from multiple private foundations. AP is solely responsible for all content. Find AP\u2019s standards<\/a> for working with philanthropies, a list<\/a> of supporters and funded coverage areas at AP.org.<\/p>\n","protected":false},"excerpt":{"rendered":"Schools and universities across the country are recovering from an outage that knocked down Canvas, an online platform…\n","protected":false},"author":2,"featured_media":26466,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[16234,6300,3593,933,50,3414,8,3599,1251,16107,9,59,16233,199,7,54],"class_list":{"0":"post-26465","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-top-stories","8":"tag-cliff-steinhauer","9":"tag-colleges-and-universities","10":"tag-cybercrime","11":"tag-education","12":"tag-general-news","13":"tag-hacking","14":"tag-headlines","15":"tag-information-security","16":"tag-los-angeles","17":"tag-luke-connolly","18":"tag-news","19":"tag-schools","20":"tag-steve-proud","21":"tag-technology","22":"tag-top-stories","23":"tag-u-s-news"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@news\/116544752000150798","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/posts\/26465","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/comments?post=26465"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/posts\/26465\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/media\/26466"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/media?parent=26465"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/categories?post=26465"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/news\/wp-json\/wp\/v2\/tags?post=26465"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}