Thousands of students across the U.S. were unable to access the Canvas learning platform Thursday as universities investigated a cybersecurity incident affecting multiple institutions.
Canvas, a cloud-based system used by schools to manage coursework, grades and communication, went offline for some users during a critical period as many colleges administer final exams.
The platform is used by thousands of institutions nationwide, meaning any prolonged disruption could interfere with exams and academic deadlines while raising concerns about the potential exposure of sensitive student data if the hackers’ claims are legitimate.
A message appearing on some users’ dashboards claimed responsibility for the disruption, saying cybercrime group ShinyHunters had “breached Instructure (again),” referring to the company that operates Canvas. The message urged affected schools to “negotiate a settlement” to prevent the release of data and set a deadline of May 12, 2026.
POWERSCHOOL DATA BREACH EXPOSES MILLIONS OF STUDENT AND TEACHER RECORDS
University officials confirmed they were aware of the issue and working to restore access. In a message to faculty and students, University of Pennsylvania administrators said the school is “actively investigating” and “working with Instructure to restore access to Canvas as soon as possible,” adding that the disruption “is not limited to Penn and is affecting multiple institutions.”
Instructure said on its status page that it is “currently investigating this issue.” Earlier updates indicated the company had identified a cybersecurity incident in recent days and was working with outside experts.
Instructure did not immediately respond to Fox News Digital’s request for comment.
GOOGLE CONFIRMS DATA STOLEN IN BREACH BY KNOWN HACKER GROUP
The disruption followed claims by ShinyHunters earlier this week that it had accessed data tied to thousands of schools using Canvas. The group has alleged it obtained user information such as names, email addresses and student ID numbers, though Instructure has said it found no indication that passwords or financial information were compromised.
Student newspapers, including The Daily Pennsylvanian and Duke’s The Chronicle, reported that the message briefly appeared on Canvas before being replaced with a notice stating the platform was undergoing “scheduled maintenance.”
ShinyHunters, a group known for high-profile data breach claims, has previously targeted education and technology companies, including incidents involving universities and third-party vendors in recent months.
The full scope of the disruption and whether any data was accessed or released has not been confirmed.
