On Thursday, a cybersecurity incident disrupted the Canvas learning platform, leaving thousands of U.S. students unable to access their online coursework. This outage came at a critical time as many universities are in the midst of final exams, affecting multiple institutions nationwide.
Canvas, a widely-used cloud-based system for managing academic work, grades, and communication, experienced significant accessibility issues that could potentially disrupt exam schedules and academic deadlines. There is also growing concern about the potential exposure of sensitive data if the cyberattack claims prove true.
Alicia Acuna shared with Fox News Digital that her son, attending a university in Florida, was interrupted by a concerning message during his exam. This highlights the widespread disruption impacting students during an essential academic period.
The message, seen on some users’ dashboards, claimed responsibility for the outage, attributing it to the cybercrime group ShinyHunters. The hackers alleged a breach of Instructure, the company behind Canvas, and demanded affected universities negotiate a settlement by May 12, 2026, to prevent data exposure.
University officials are actively working to resolve the issue. Administrators at the University of Pennsylvania have communicated with faculty and students, confirming they are “actively investigating” the situation and collaborating with Instructure to restore platform access swiftly. They acknowledged that the disruption is not unique to their institution but impacts several universities.
University officials confirmed they were aware of the issue and working to restore access. In a message to faculty and students, University of Pennsylvania administrators said the school is “actively investigating” and “working with Instructure to restore access to Canvas as soon as possible,” adding that the disruption “is not limited to Penn and is affecting multiple institutions.”
A Maryland school district also warned families and staff not to access the platform. Anne Arundel County Public Schools said it shut down access to Canvas after detecting suspicious activity and instructed users not to attempt to log in or enter their usernames or passwords “on any interface,” according to a message reviewed by Fox News Digital.
Instructure said on its status page that it is “currently investigating this issue.” Earlier updates indicated the company had identified a cybersecurity incident in recent days and was working with outside experts.
Cybercriminals stole Social Security and medical data in a hack of OnTrac that exposed users’ information. (Photo by Annette Riedl/picture alliance via Getty Images)
Instructure did not immediately respond to Fox News Digital’s request for comment.
The disruption followed claims by ShinyHunters earlier this week that it had accessed data tied to thousands of schools using Canvas. The group has alleged it obtained user information such as names, email addresses and student ID numbers, though Instructure has said it found no indication that passwords or financial information were compromised.
Student newspapers, including The Daily Pennsylvanian and Duke’s The Chronicle, reported that the message briefly appeared on Canvas before being replaced with a notice stating the platform was undergoing “scheduled maintenance.”
The hack comes amid colleges and universities final exam period at the end of the spring semester. (JHU Sheridan Libraries/Gado/Getty Images)
ShinyHunters, a group known for high-profile data breach claims, has previously targeted education and technology companies, including incidents involving universities and third-party vendors in recent months.
The full scope of the disruption and whether any data was accessed or released has not been confirmed.
