San Antonio Schools Hit by Cyberattack on Canvas Learning Management System The Alamo Colleges District confirmed on Thursday that it is responding to a global cybersecurity incident targeting Canvas, a widely used learning management system (LMS). The attack has disrupted operations at multiple San Antonio-based institutions, including the University of Texas at San Antonio (UTSA), the University of the Incarnate Word (UIW), and the Alamo Colleges District itself. The incident, which appears to be part of a broader wave of cyber threats, has caused outages and service interruptions for students and faculty relying on Canvas for coursework, assignments, and communication. While details on the nature of the attack such as whether it involves ransomware, data breaches, or other malicious activity remain limited, the affected institutions are working to restore functionality and assess potential risks. The timing of the attack coincides with a critical period for academic institutions, as many prepare for midterm exams and ongoing coursework. The full extent of the impact on students, faculty, and administrative operations is still under evaluation. No specific threat actor or motive has been publicly identified at this time.

Cyberattack Disrupts Virginia Tech Finals Week, Affects Thousands of Schools Nationwide A cyberattack on Canvas, the widely used education platform, caused widespread disruption on May 7 during Virginia Tech’s reading day, leaving students and faculty without access to course materials, assignments, and notes. The outage impacted over 8,000 schools, including multiple institutions in Virginia, and forced the postponement of final exams originally scheduled for May 8. Students reacted with a mix of frustration and relief. Some, like freshman Abigail Sapon, welcomed the unexpected break, using the time to pack and reduce stress. Others, such as freshman Juliana Cigularova, faced last-minute exam rescheduling, while senior Thomas Mauck joked about hoping for canceled finals. Teaching assistants like Sean Fleming noted the disruption affected both students and instructors, though the shared struggle fostered a sense of campus unity. Beyond the academic inconvenience, concerns about data security emerged. Students like sophomore Emilie Verton and senior Sydney Peterson worried about potential breaches, citing repeated outages including one last semester as a sign of underlying vulnerabilities. Freshman Kiersten McEacheron criticized the platform’s reliability, questioning why such disruptions had occurred multiple times. While some professors, like Madison Mulhern’s, quickly adapted by accepting emailed submissions, others scrambled to adjust. Freshman Jordan Walters lost access to study materials, and Leila Aguilar nearly missed an exam due to travel plans. Abigail Sapon, who had pre-written an essay, saw her work disrupted by the outage. Canvas has since been restored, and Virginia Tech rescheduled affected exams. The incident highlights the broader risks of cyberattacks on educational infrastructure, raising questions about platform security and preparedness.

Instructure Strikes Deal with ShinyHunters to Prevent Leak of 3.6TB Stolen Data Instructure, the provider of the Canvas learning management system, has negotiated with the ShinyHunters extortion group to prevent the release of data stolen in a recent breach impacting over 30 million educators and students. The cybercriminals claimed responsibility for exfiltrating more than 3.6 terabytes of data by exploiting cross-site scripting (XSS) vulnerabilities in Instructure’s Free-for-Teacher environment. The attack also included defacing Canvas login portals with an extortion message. Instructure confirmed the breach, stating that the vulnerabilities allowed attackers to gain administrative access. While the company reported that the stolen data was returned and confirmed destroyed with no ransom paid the FBI has warned that such agreements do not guarantee data security. This incident follows a separate September 2025 breach, also attributed to ShinyHunters, which targeted Instructure’s Salesforce instance. In response, Instructure has temporarily disabled Free-for-Teacher accounts to address the security flaws and will host a webinar on May 13 to discuss the breach and mitigation efforts. The company has assured users that no further extortion demands will be met.

ShinyHunters Breaches Instructure in Massive Educational Data Theft The cybercriminal group ShinyHunters has carried out one of the largest educational data breaches to date, targeting Instructure, the provider of the Canvas learning management system. The attack, detected on April 29, exploited a vulnerability in Canvas Free for Teacher, a service used by 8,809 institutions worldwide, including K–12 schools and higher education organizations. Instructure responded on May 2 by revoking compromised credentials, deploying security patches, and rotating encryption keys. However, a second wave of activity occurred on May 7, with users reporting extortion messages upon logging in. ShinyHunters claims to have exfiltrated 6.65 terabytes of data, including 275 million records containing names, email addresses, student ID numbers, and private communications between students, teachers, and staff. Instructure’s CISO, Steve Proud, confirmed that no passwords, financial details, or government identifiers were compromised. The group has set a May 12 deadline to negotiate a settlement, threatening to leak the stolen data if demands are not met. The breach underscores the growing targeting of educational institutions by cybercriminals seeking sensitive student and faculty information.

Global Canvas Data Breach Disrupts Students Amid Finals A widespread data breach at Canvas, a widely used learning management system (LMS), has caused significant disruptions for students worldwide, many of whom were in the midst of final exams. The incident, which emerged in recent days, left users unable to access course materials, submit assignments, or complete assessments, creating chaos during a critical academic period. Canvas, a platform utilized by universities, colleges, and K-12 institutions, serves millions of students globally. While details on the breach’s origin and scope remain limited, reports indicate that the outage affected users across multiple regions, with some institutions confirming service interruptions. The timing coinciding with peak exam season amplified the impact, forcing educators to extend deadlines or implement contingency plans. The breach highlights vulnerabilities in digital education infrastructure, particularly as reliance on LMS platforms grows. No official statement has been released regarding the cause, but cybersecurity experts suggest potential motives could include ransomware, unauthorized access, or system failures. Further updates on the breach’s resolution and any exposed data are expected in the coming days.

Global Cybersecurity Alert: Widespread Canvas Data Breach Disrupts Students During Finals A major data breach in Canvas, the widely used learning management system (LMS), has caused significant disruptions for students worldwide, many of whom were in the midst of final exams. The incident, which surfaced in April 2026, exposed vulnerabilities in the platform, leading to system outages, delayed submissions, and heightened stress for users relying on the service for academic work. While details on the breach’s origin remain limited, reports indicate that the disruption affected institutions globally, with students reporting inaccessible course materials, lost assignments, and communication breakdowns. The timing coinciding with peak exam periods amplified the impact, leaving educators and administrators scrambling to mitigate fallout. Canvas, developed by Instructure, is a critical tool for millions of students and educators, making this breach particularly concerning for the education sector. No official statement on the cause or scope of the breach has been released, but the incident underscores the growing risks of cyber threats targeting essential digital infrastructure. As investigations continue, the event serves as a reminder of the vulnerabilities in widely adopted platforms, especially during high-stakes periods like final exams. Further updates are expected as more information becomes available.

Summary: Key Cybersecurity Incident – Global Canvas Data Breach Disrupts Student Exams A major data breach involving Canvas, a widely used learning management system (LMS), has impacted students worldwide, causing significant disruptions during critical academic periods, including final exams. The incident, reported on May 12, 2026, exposed vulnerabilities in the platform, leading to widespread chaos as students struggled to access course materials, submit assignments, or complete assessments. The breach affected institutions globally, with no immediate details on the scope of compromised data or the attack vector. While the full extent of the impact remains unclear, the timing coinciding with peak exam periods amplified the disruption, leaving students and educators scrambling for alternatives. Authorities and platform providers have yet to release official statements on the cause or remediation efforts. This incident underscores the growing risks of cyber threats targeting educational infrastructure, particularly as digital learning platforms become central to academic operations. Further updates are expected as investigations progress.

Global Canvas Data Breach Disrupts Students Amid Finals A widespread data breach in Canvas, a widely used learning management system (LMS), has caused significant disruptions for students worldwide, many of whom were in the midst of final exams. The incident, which emerged this week, exposed vulnerabilities in the platform, leading to access issues, delayed submissions, and heightened stress for affected users. Canvas, a key tool for educational institutions, serves millions of students and educators globally. While details on the breach’s origin and scope remain limited, reports indicate that the disruption impacted users across multiple regions, including the U.S. and beyond. The timing coinciding with peak academic deadlines amplified the chaos, leaving students scrambling to complete assignments and exams. The breach underscores growing concerns about cybersecurity in educational technology, particularly as institutions increasingly rely on digital platforms. No official statement on the cause or resolution timeline has been released, but the incident highlights the need for robust safeguards in systems critical to academic operations. Further updates are expected as investigations continue.