BUZZ
SCIENCE & TECH

Education platform pays off hacker who shut down site during finals week

Posted on May 12, 2026
By Micaiah Bilger - Assistant Editor
Share to:
More options
Email Reddit Telegram

A cyberthreat on Liberty University Canvas platform; Michael Haak for The College Fix

Hacker threatened to leak millions of users’ private information

The company that runs Canvas, an online platform used by thousands of colleges and universities, agreed to pay a ransom to hackers who shut down the website last week, leading to some schools to postpone finals. 

Instructure, which operates Canvas, did not disclose the amount that it paid to hacker ShinyHunters in exchange for the return of “compromised data of some 275 million users across more than 8,800 institutions,” Inside Higher Ed reports.

“While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give customers additional peace of mind, to the extent possible,” the company stated. 

Instructure also stated that it “received digital confirmation of data destruction (shred logs)” and assurance “that no Instructure customers will be extorted as a result of this incident, publicly or otherwise.”

Last Thursday, the hacker shut down the Canvas platform, which many professors use for online coursework, and demanded a ransom be paid by May 12. Otherwise, the hacker threatened to leak the personal information of hundreds of millions of users. 

Although the platform was back up and running Friday, the temporary outage caused chaos at Liberty University and other campuses as many students were preparing to take final exams or completing final projects for the semester, The College Fix reported last week.

“We understand the impact this disruption is having and want to reassure you that appropriate class extensions will be provided,” the private, Christian college stated in a campus-wide email on Thursday.

ShinyHunters is an extortion group with a history of breaching company websites and online databases via misconfigurations and AI-powered voice phishing attacks, according to an article at DC Control, a tech company.

The group demands ransoms and leaks data on dark web forums if unpaid, totaling over 73 million records stolen, tech news site ZD NET reports.

MORE: Cyberattack prompts finals panic at Liberty U., campuses across the U.S.