Published：May 8, 00:41Last updated：May 12, 11:36

Global Cyberattack Disrupts Canvas Learning Platform During Finals

May. 8, 2026 00:41

A cyberattack on Canvas, a learning management system, disrupted finals preparation for thousands of schools. Hackers claimed access to billions of records and set a May 12 ransom deadline. Institutions worldwide are affected.

Summarized

22News

13Media

May. 12, 2026 10:31

The company behind Canvas, a platform used by thousands of colleges and universities, announced on May 12, 2026, that it had reached an agreement with hackers who stole students' data. The hackers disrupted educational institutions, and the company paid them to delete the stolen information. Details of the agreement were not disclosed, but the incident highlights ongoing cybersecurity challenges in the education sector.

May. 12, 2026 11:36

The company operating the Canvas online learning system announced on May 12, 2026, that it reached a deal with hackers to delete data stolen in a cyberattack. The attack disrupted students, many of whom were in the middle of finals. The agreement aims to mitigate the impact of the breach.

A widespread cyberattack targeting the Canvas learning management system has disrupted academic operations at universities worldwide, including Harvard, Yale, and multiple Canadian institutions. The May 2026 attack occurred during critical final exam periods, causing widespread exam delays and coursework inaccessibility. Hackers stole student data and demanded ransom, prompting Canvas developer Instructure to negotiate a data deletion agreement. While services have been restored, the incident has exposed significant vulnerabilities in educational technology infrastructure.

🚨 Attack Timeline

The cyberattack began on May 7, 2026, coinciding with final exam periods at many universities. Hackers issued a May 12 deadline for ransom demands, creating urgency for affected institutions. Forensic analysis revealed the breach impacted 275 million users across 9,000 institutions globally. Services were temporarily shut down before being restored by May 8 with enhanced security measures. The attack's timing maximized disruption during one of the busiest academic periods. CBC News+2

🏫 Institutional Fallout

Over 9,000 educational institutions faced severe disruptions, with students unable to access study materials or submit assignments. Major universities including Harvard, Yale, Columbia, UNC Chapel Hill and UPenn implemented emergency contingency plans. Many extended deadlines and created alternative assessment methods, while warning students about potential data exposure risks. The attack particularly impacted Canadian and U.S. schools during their critical exam seasons. CBC News+2

🔒 Security Response

Canvas parent company Instructure reached an agreement with hackers to delete stolen data, though details remain undisclosed. The company restored services with enhanced security protocols, including mandatory multi-factor authentication. Cybersecurity experts are assisting with forensic analysis to determine the full extent of data compromise. The incident has prompted discussions about migrating to more secure platforms and implementing stronger protections for educational data. ABC News+2

📅 Ongoing Concerns

The attack has reignited debates about academic reliance on centralized digital platforms, with lawmakers calling for stricter cybersecurity regulations. Students and faculty remain concerned about potential long-term data privacy implications. The incident highlights growing threats to education technology infrastructure and the need for comprehensive security overhauls in the sector. Universities are reviewing their technology partnerships and emergency response plans. ABC News+2

UPennCanvasShinyHunters9,000 schoolsUNC Chapel Hill