ShinyHunters Claims Canvas Breach Exposing 275 Million Users Across 9,000 Schools

A notorious hacking group is claiming one of the largest education-sector data breaches in recent memory. ShinyHunters alleges it has compromised Canvas, a widely used learning management system, and stolen several terabytes of sensitive data. The claimed scale is staggering: personal information belonging to 275 million users across approximately 9,000 schools. The group is now issuing ultimatums, threatening to publish the entire dataset if its demands remain unmet.

Canvas, owned by Instructure, serves as critical digital infrastructure for K-12 and higher education institutions globally. If confirmed, the breach would represent a systemic failure in protecting student, educator, and administrative data at an unprecedented scale. ShinyHunters has a documented history of high-profile intrusions, having previously targeted Microsoft, Tokopedia, and other major platforms. The group's involvement signals a serious escalation in ransomware and extortion tactics targeting the education sector, which has faced intensifying cyber pressure in recent years.

The potential fallout could be severe. Educational records contain highly sensitive information—names, contact details, academic histories, and in some cases financial or health-related data. A leak of this magnitude would expose millions of individuals to identity theft, phishing campaigns, and long-term privacy risks. Institutions relying on Canvas may face regulatory scrutiny, legal exposure, and urgent questions about their data security posture. As of now, the breach remains unverified, and neither Instructure nor affected institutions have publicly confirmed the incident. The situation underscores the growing vulnerability of education technology platforms to sophisticated threat actors.