Instructure has confirmed a data breach affecting student information after the hacking and extortion group ShinyHunters claimed responsibility for the attack.
Hackers Claim Theft Of Student And School Data
ShinyHunters said it stole student names, personal email addresses, and messages exchanged between students and teachers, matching the categories of data that Instructure acknowledged were compromised.
The group shared samples of the allegedly stolen data with TechCrunch. The samples included records connected to two schools in the United States, one located in Massachusetts and another in Tennessee.
The Massachusetts sample reportedly contained messages including names, email addresses, and some phone numbers. The Tennessee sample included students’ names and email addresses.
The leaked samples did not contain passwords or other categories of information that Instructure said were unaffected by the incident.
Canvas Platform Linked To Affected Schools
TechCrunch said it could not independently confirm whether the schools represented in the sample data were victims of the breach.
Both institutions appear to use Canvas, Instructure’s educational platform used for coursework management, assignments, and communication between schools and students.
ShinyHunters also shared a list of roughly 8,800 schools it claimed were affected by the breach. TechCrunch said it could not verify whether all listed institutions were impacted or whether all were Instructure customers.
Instructure states on its website that it serves more than 8,000 institutions globally.
Hackers Claim Hundreds Of Millions Of Records
On its leak site, ShinyHunters claimed the breach affected nearly 9,000 schools worldwide and exposed data connected to 275 million students, teachers, and staff members.
In a conversation with TechCrunch, a member of the hacking group said the stolen dataset contained approximately 231 million unique email addresses.
Cybersecurity researchers have noted that financially motivated extortion groups often exaggerate breach figures to pressure victims and attract public attention.
Company Refers Users To Official Updates Page
When contacted by TechCrunch, Instructure spokesperson Kate Holmes declined to answer detailed questions about the breach and instead directed inquiries to the company’s official incident update page.
As of Tuesday, Instructure said some services, including Canvas, had been restored following maintenance related to the incident.
Featured image credits: Onit
For more stories like it, click the +Follow button at the top of this page to follow us.