A significant data breach has compromised students, faculty, and staff at over 8,000 educational institutions nationwide, with hackers threatening to release the stolen information.
JACKSONVILLE, Fla. — The University of North Florida (UNF) is among the numerous institutions affected by a data breach targeting Canvas, a widely-used online platform for educational content and examinations.
On Friday, following the restoration of the service, UNF communicated to students and faculty that it was part of the large-scale breach impacting thousands of schools and colleges across the United States.
This story continues below.
The breach was discovered by Instructure, the parent company of Canvas, which noticed unauthorized access to its systems on Thursday. As a result, Canvas was temporarily shut down, causing significant disruptions during the crucial final exam period. This incident occurred just after UNF concluded its semester and finals week.
Instructure revealed that a hacker group known as “ShinyHunters” was responsible for obtaining personal information from students, staff, and faculty. This breach is linked to a previous incident on April 29.
“Although Instructure has yet to disclose the complete scope of the exposed data, it has been reported that personal identifiers such as names, email addresses, student ID numbers, and user messages were compromised,” UNF stated in their announcement.
The school said it would provide updates to the campus community as details of the breach and the scope of its impacts become known.
Instructure said no additional data appeared to have been stolen on May 7, and there was no evidence that passwords, dates of birth, government identifiers or financial information were exposed.
ShinyHunters gave the software company and schools an ultimatum before they threatened to begin leaking personal data.
“If any of the schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately,” the hackers wrote in a message on a dark web leak site, warning institutions that they had until next Tuesday to make a deal.
Instructure announced that the incident has been contained and that it has since implemented new security measures, notified law enforcement and brought in outside experts to investigate. The source of the breach was identified as the company’s Free-For-Teacher accounts, which have been temporarily disabled.
