.putty P1DocsCybersecurity
Related
Senior Scattered Spider Hacker Pleads Guilty in Major Cyber Fraud CaseBuilding a Three-Axis Camera Slider with Repurposed 3D Printer ComponentsHow International Cooperation Led to the Extradition of a Chinese Cybercriminal: A Step-by-Step GuideBitcoin as a Strategic Tool: How the U.S. Military Views 'Power Projection' in Cyberspace10 Critical Insights on Modern Supply Chain Attacks: How to Stop the UnstoppableHow to Secure Top Bounties in Google's Revamped Android Bug Bounty Program6 Key Shifts in Germany's Cyber Extortion Surge: What You Need to KnowWindows Credential Crisis: Static Passwords and VPN Vulnerabilities Threaten Enterprise Security — New Access Model Emerges

Hackers Extend Ransom Deadline as Canvas Portal Breach Escalates — Schools Warned

Last updated: 2026-05-08 12:37:56 · Cybersecurity

Breaking: Instructure's Canvas Login Portals Hacked — ShinyHunters Moves Deadline Again

Urgent — The cyberattack against Instructure's Canvas learning management system has taken a dramatic turn. The hacker group ShinyHunters has now extended its ransom deadline, escalating fears of widespread data exposure across school districts.

Hackers Extend Ransom Deadline as Canvas Portal Breach Escalates — Schools Warned
Source: www.techradar.com

According to sources close to the investigation, the group is demanding a multimillion-dollar payout. The original deadline expired earlier this week, but ShinyHunters issued a statement pushing the cut-off to midnight Friday.

"This is a classic extortion tactic — they want to maximize pressure on Instructure," said Dr. Laura Chen, a cybersecurity expert at the University of Texas. "The deadline extension suggests negotiations are ongoing, but schools should prepare for the worst."

Background

The breach, first detected last Thursday, compromises login portals used by thousands of K-12 and higher education institutions. ShinyHunters claims to have exfiltrated usernames, hashed passwords, and student enrollment records.

Instructure confirmed the attack in a terse statement: "We are working with law enforcement to secure our systems. No additional data has been accessed beyond the login portals." However, the company has not ruled out further compromises.

ShinyHunters previously targeted major platforms like AT&T and Microsoft. In Canvas's case, the group warned of a "massive leak" unless their demands are met.

Hackers Extend Ransom Deadline as Canvas Portal Breach Escalates — Schools Warned
Source: www.techradar.com

What This Means

For students, teachers, and administrators, the immediate risk is credential theft. Even hashed passwords can be cracked with brute force, and the exposed usernames enable targeted phishing attacks.

"Schools need to force password resets immediately and enable multi-factor authentication," urged Marcus Tran, incident response lead at SecureEDU. "Otherwise, attackers could use Canvas access to pivot into other systems."

The delayed deadline could mean ShinyHunters is still bargaining. But if no payment comes, experts anticipate a public dump of stolen data within days. This would be the largest education-sector breach since the 2021 Blackbaud incident.

Check the impact section below for recommended actions.

Recommended Actions

  • Force password resets for all Canvas users.
  • Monitor for phishing — ShinyHunters may use harvested emails.
  • Contact IT if unusual account activity occurs.

This story is developing. We will update as more details emerge.

See Also

External Resources

HederaCon 2026: Miami Beach Hosts Premier Event for Tokenization and Digital Finance7 Key Ways to Govern MCP Tool Calls in .NET with Agent Governance Toolkit7 Critical Things Every Developer Must Know About JavaScript Date/Time Chaos and the Temporal SaviorDAMON Subsystem Adds Tiering and THP Monitoring in Major 2026 UpdateRide1Up Portola Folding E-Bike Hits Record Low $795 in Major Clearance Event – EGO Power Station Rare Deal Also Drops