Austin ISD appears to be included in a long list of schools and universities affected by a cyberattack after the platform “BLEND” went down Thursday afternoon and was replaced by a message from a hacker identified as “ShinyHunters.” The hacker said affected schools have until Tuesday to negotiate a settlement before internal data is made public.
KUT News received screenshots from parents at McCallum High School and teachers at other schools that show the message sent by the hacker to the the district.
“ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us an did some ‘security patches,'” the message read.
BLEND is the platform used by teachers and students to view assignments, due dates and course materials. Teachers also use it to communicate with students and parents.
In the message, “ShinyHunters” told schools it is open to negotiating a settlement before May 12. The hacker said if schools want to prevent data leaks, they must consult a cyber advisory firm and contact them privately.
In a statement to parents, AISD officials said the attack is on BLEND’s parent company and not the district itself. District officials said their security teams are confident that the attack will not impact AISD’s systems because of their “proactive investments in added security layers,” including multi-factor authentication.
The data housed on the BLEND platform includes names, email addresses, student IDs and personal messages between teachers and parents or students.
District officials said that, as precaution, they are removing access to the platform from the district’s portal until they can verify it’s safe. They encouraged families to avoid logging into BLEND from home and said they are investigating the incident and will provide updates when they have them.
It’s part of a larger attack on Instructure, the parent company of Canvas, which runs BLEND. Thousands of universities and schools have been allegedly affected by the breach, including Harvard, Duke and The University of Pennsylvania, which adds up to hundreds of thousands of affected users.
KUT News reached out to the University of Texas at Austin to see if it has been affected, but the university has yet to respond. Although a student confirmed with KUT News on Thursday that they couldn’t access their Canvas account.
On Monday, UT Austin officials sent an email to students and staff saying that Instructure disclosed information on May 1 about a cybersecurity incident. They said they were working with the company to assess specific impacts to the university’s systems or data.
“The company stated that it has found no evidence that passwords, dates of birth, government identifiers, or financial information were involved,” UT officials said.
At the beginning of April, AISD officials said the district was experiencing network lags and connectivity issues caused by targeted cyberattacks.
This is a developing story.