Instructure, the company behind the Canvas learning management platform, says it has "reached an agreement" with hackers that breached its systems last week to prevent stolen data from being leaked online. The ShinyHunters hacking group claimed responsibility for the attack before Canvas was briefly taken offline. The group threatened to publish 3.5 terabytes of student […]
Tech News Security Canvas owner reaches ‘agreement’ with hackers to secure stolen data Which probably means Instructure has paid the hacking group.
Which probably means Instructure has paid the hacking group.
Instructure, the company behind the Canvas learning management platform, says it has “ reached an agreement ” with hackers that breached its systems last week to prevent stolen data from being leaked online.
The ShinyHunters hacking group claimed responsibility for the attack before Canvas was briefly taken offline . The group threatened to publish 3.5 terabytes of student data if ransom demands for a “settlement” weren’t met. Now, Instructure says the stolen data has been returned as part of its unspecified “agreement” with the hackers, alongside a promise that “no Instructure customers will be extorted as a result of this incident.” “We understand how unsettling situations like this can be, and protecting our community remains our top priority,” Instructure said in its latest statement. “With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.” Related Never pay the ransom — a cybersecurity CEO explains why The ransomware business is booming, even as enforcers shut down some major players Instructure doesn’t explicitly say that it paid ShinyHunters, but this update certainly suggests as much. Ransom payments can go toward funding further ransomware attacks , and there’s no guarantee that the hacking group will uphold its side of the bargain. Instructure said it had received proof that the stolen data had been destroyed (which begs the question of how that data was also “returned”), and that its agreement covers all customers impacted by the breach.
“While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible. We continue to work with expert vendors to support our forensic analysis, further harden our environment, and conduct a comprehensive review of the data involved.” Most Canvas systems have since been restored , and Instructure is planning to share more information about the attack in a webinar tomorrow. Last week, Instructure said hackers had exploited Free-For-Teacher accounts to breach its systems and responded by temporarily shutting down those accounts. Instructure has not announced when access to Free-For-Teacher accounts will be restored.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
Jess Weatherbed News Security Tech Most Popular Most Popular Logitech’s tiny folding mouse improves upon the laptop trackpad Forza Horizon 6 has been leaked and cracked a week before its release Palantir’s true believers are wearing this jacket Google stopped a zero-day hack that it says was developed with AI Windows 11 is getting a macOS-like speed boost The Verge Daily A free daily digest of the news that matters most.
Email (required) Sign Up By submitting your email, you agree to our Terms and Privacy Notice .
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Advertiser Content From This is the title for the native ad
