Canvas Restored After Cyberattack Disrupted Universities Across the U.S.
Thousands of students across the United States suddenly lost access to assignments, grades, and online coursework this week after a major cyberattack disrupted Canvas, one of the country’s most widely used education platforms.
The outage hit during a particularly sensitive time for colleges and universities, with many students in the middle of spring finals, exams, and end-of-semester coursework.
Several major institutions, including Harvard University, the University of Michigan, and Pennsylvania State University, confirmed that Canvas experienced a widespread security incident that temporarily affected access to the platform.
Canvas is operated by education technology company Instructure and is used by schools and universities around the world for online classes, assignments, messaging, and academic records.
The company later restored service for most users, saying the platform was back online after emergency maintenance efforts.
However, the incident quickly escalated after hacking group ShinyHunters claimed responsibility for the alleged breach.
According to reports, the group claimed it accessed data connected to nearly 9,000 educational institutions worldwide and threatened to leak information unless a settlement was reached. The hackers also claimed that hundreds of millions of user records were involved, though those numbers have not been independently verified.
Instructure said its investigation so far has not found evidence that passwords, birth dates, government identification numbers, or financial information were exposed.
The company did acknowledge that certain user data — including names, email addresses, student identification numbers, and messages between Canvas users, may have been accessed during the incident.
The attack has renewed concerns about how vulnerable digital learning systems have become as schools rely more heavily on cloud-based education platforms.
For many students, the outage created immediate academic stress. Some reported being unable to submit assignments, access class materials, or communicate with instructors during critical exam periods.
Cybersecurity experts are also warning that the situation could lead to follow-up phishing scams targeting students and staff.
Also read: A Major Crypto Law Could Finally Change How Bitcoin and Stablecoins Work in the U.S..
Users affected by the incident are being advised to:
- remain cautious of suspicious emails or messages,
- avoid clicking unknown links,
- update passwords on accounts connected to Canvas,
- and enable multi-factor authentication where possible.
ShinyHunters, the group linked to the incident, has previously been connected to several high-profile cyberattacks involving major global companies and online platforms.
The incident highlights the growing cybersecurity risks facing universities and education technology providers as more student data, coursework, and communication systems move online.
While Canvas services have largely returned, many schools are still monitoring the situation closely as investigations continue into the scope of the alleged breach and the data potentially involved.
Also read: Alibaba Is About to Change Online Shopping With AI Conversations.
