- Instructure confirms a cyberattack that exposes user names, emails, IDs and communications
- ShinyHunters claims responsibility, alleging data theft of millions from thousands of schools
- Incident highlights risks in third-party integrations, and experts urge stronger access governance
Instructure, the educational technology giant behind the popular Canvas learning system, confirmed that it suffered a cyberattack and lost confidential customer data.
The company issued a brief statement confirming the hit: “While our investigation continues alongside our external forensic experts, at this stage we believe the incident has been contained,” the notice reads.
Instructure said the criminals accessed “certain user-identifying information” at the affected institutions, including names, email addresses, student ID numbers, and user communications.
Article continues below.
ShinyHunters strikes again
No passwords, dates of birth, government identifiers or financial information were involved.
Still, having names, emails, and communications is more than enough information to mount very convincing phishing and identity theft attacks, which could lead to more destructive scams.
Instructure also said it revoked privileged credentials and access tokens associated with the affected systems, deployed patches, rotated keys, and implemented increased monitoring across all platforms.
The company did not say how many people were affected by the breach or who the threat actors were. However, beepcomputer discovered that the infamous ShinyHunters claimed responsibility by listing the company on their dark website.
“Nearly 9,000 schools worldwide affected. 275 million individual data ranging from students, teachers and other staff containing PII,” the criminals wrote.
“Several billion private messages between students, teachers, students and other students involved, containing personal conversations and other personal information. Your Salesforce instance was also breached and there is much more data involved.”
The threat actors apparently managed to access Instructure through a vulnerability in its systems, which the company later patched. They appear to have stolen files from 15,000 institutions in different locations around the world, including Europe, North America and Asia-Pacific.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
