New York (CNN) 鈥 Students attempting to access grades, study materials and quizzes were met instead with a message from a hacker on Thursday.
Universities and school systems across the country, from the University of Pennsylvania to Georgetown University to the the University of Oklahoma, reported a ransom note on the homepage of their schools鈥 Canvas sites. Canvas is a popular, cloud-based digital hub for classrooms.
Canvas , parent company Instructure claims on its website, with more than 8,000 institutions as customers. Many of those students are in the middle of a busy Spring finals week.
This is the second data breach this month among schools and universities. Hacking group ShinyHunters claimed responsibility for both attacks. In the note, reported by different student news outlets, the group demanded ransoms to prevent further data leaks.
鈥淪hinyHunters has breached Instructure (again),鈥 read a warning on a University of Washington student鈥檚 account around noon PT, which was seen by CNN. 鈥淚nstead of contacting us to resolve it they ignored us and did some 鈥榮ecurity patches.鈥欌
Instructure on its website that Canvas was 鈥渋n maintenance mode鈥 late Thursday afternoon, adding that it was investigating the issue.
On May 1, in a different attack, Instructure said it 鈥渆xperienced a cybersecurity incident perpetrated by a criminal threat actor鈥 but contained the situation the next day. But the company indicated that user names, email addresses and student ID numbers were breached.
鈥淚nstructure still has until EOD 12 May 2026 to contact us,鈥 Thursday鈥檚 note said.
CNN has reached out to Instructure for comment.
The-CNN-Wire
鈩 & 漏 2026 Cable 太子探花 Network, Inc., a Warner Bros. Discovery Company. All rights reserved.
