The academic world is facing its most significant cybersecurity crisis to date. On May 9, 2026, the hacking collective ShinyHunters announced the successful breach of Instructure’s Canvas LMS. The attackers claim to have stolen 3.65 TB of data, compromising the records of 275 million students and faculty across 9,000 institutions globally. Samples of the data, which have been verified by third-party researchers, include full names, academic transcripts, hashed credentials, and private direct messages.
ShinyHunters has escalated the situation by defacing several high-traffic login portals with a countdown timer. The group is demanding a massive cryptocurrency ransom, setting a hard deadline of May 12, 2026. Failure to comply will result in the public release of the entire archive, including sensitive behavioral data and internal communications. This incident underscores the extreme risk of centralized educational platforms and the urgent need for decentralized, Zero Trust identity management in academic tech.