TechCrunch·May 5, 2026

🚨ShinyHunters Claims Instructure Data Breach Affecting Millions

Millions of Students' Data Stolen in Instructure Breach

TL;DR

Cybercriminals ShinyHunters claim responsibility for a data breach at Instructure, affecting millions of students. The stolen data includes names and email addresses but no passwords.

ShinyHunters has claimed responsibility for a major data breach at Instructure, impacting close to 9,000 schools worldwide and potentially compromising the personal information of over 275 million people. This breach is particularly concerning as it involves sensitive student data like names, email addresses, and messages between teachers and students. If you're using Canvas or any other Instructure platform, this hits home hard. The stolen data includes full names, emails, and some phone numbers from two U.S. schools, but no passwords were compromised in the breach. TechCrunch reports that a sample of 231 million unique email addresses was shared by ShinyHunters, though they often exaggerate their claims.

ShinyHunters Claims Instructure Data Breach Affecting Millions

Key Points

1

Cybercriminals ShinyHunters claim responsibility for stealing over 275 million people's personal information from Instructure.

2

The breach allegedly impacted close to 9,000 schools worldwide and included data from two U.S. institutions using Canvas.

3

TechCrunch reports a sample of about 231 million unique email addresses was shared by ShinyHunters as evidence of the breach.

4

Instructure's products were restored after undergoing maintenance on Tuesday following the breach.

5

Financially motivated hacking groups often exaggerate their claims, so not all schools listed may be affected.

Why It Matters

If you're using Instructure's Canvas platform for your school or university, this is a major security concern. The stolen data includes names and email addresses of students and teachers, potentially exposing them to phishing attacks and identity theft.

InstructureCanvasShinyHuntersdata-breachstudent-data

Frequently Asked Questions

Why does this matter?

If you're using Instructure's Canvas platform for your school or university, this is a major security concern. The stolen data includes names and email addresses of students and teachers, potentially exposing them to phishing attacks and identity theft.

What happened?

Cybercriminals ShinyHunters claim responsibility for a data breach at Instructure, affecting millions of students. The stolen data includes names and email addresses but no passwords.

Comments

Subscribe to join the conversation...

Be the first to comment

Enjoyed this article?

Get it daily. 7am. Free. Reads in 5 minutes.