A widespread cyberattack disrupted access to the Canvas online learning platform on Thursday, impacting thousands of schools and universities across the United States and Canada during a critical period for final exams and end-of-semester coursework.
Canvas, operated by Instructure, is a learning management system widely used by K-12 schools, colleges, and universities to manage assignments, grades, lecture materials, and facilitate communication between students and instructors.
The outage came as many colleges and universities were administering final exams and wrapping up spring coursework.
Elizabeth Polo was in a creative writing class at the University of Maryland late Thursday afternoon when a classmate shouted, “Canvas got hacked.” A message from a hacking collective flashed on her computer screen.
“Our whole class just like was like freaking out about it,” said Polo, a junior. “Our poor professor was trying to get everyone to calm down, but it was just kind of chaos.”
Late Thursday, Instructure said service had been restored for most users after the outage interrupted online access for students and educators.
Cybersecurity analysts said the hacking group ShinyHunters claimed responsibility for the breach.
Luke Connolly, a threat analyst at cybersecurity firm Emsisoft, said screenshots posted online by the group claimed nearly 9,000 schools around the world were affected.
The group also threatened to leak sensitive data allegedly obtained during the attack, raising concerns among school officials and security experts.
The message that flashed on Polo's computer screen urged individual schools to reach out directly to the hacking group to negotiate a settlement and threatened to leak data if they didn’t. She said that Canvas later took that message down, replacing it with a message saying the site was undergoing scheduled maintenance.
Just before 1 a.m. Friday, Polo was able to submit an assignment on Canvas, but she now worries personal data has been compromised.
The data breach appeared to involve student ID numbers, email addresses, names, and messages on the Canvas platform, Instructure’s chief information security officer, Steve Proud, said in an update shared Saturday.
Several institutions issued emergency alerts to students and staff as access to coursework, testing materials, and grade submission portals became unavailable, forcing some to reschedule or find alternative arrangements.
The University of Texas at San Antonio announced delays to some Friday finals because of the disruption.
Princeton University posted updates on social media indicating the platform appeared operational again, though information technology staff continued to monitor the situation closely.
Other institutions echoed similar messages, emphasizing that students and faculty should continue to check for updates as services were gradually restored.
The district added that no additional action was required from students or staff and that there was “no indication that sensitive personal information was impacted.”
“We are deeply grateful to our entire community for your patience and understanding as we navigate this complex and understandably frustrating situation,” stated the university. “We also want to extend our sincere thanks to our deans, faculty, and staff, who worked tirelessly throughout the night to maintain continuity and support our students and academic operations as fully as possible.”