The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.
Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.
Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:
“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.
With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”
Read more…
Source: Malwarebites Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CIMB refutes claims of data breach involving 1.2 million records
March 4, 2026
CIMB Group Holdings Bhd has given assurance that claims circulating online about a data breach involving its customers are false and that customer data continues to be protected. The financial services provider said on social media platform X that its security teams have verified that all systems are secure and that customer data remains fully safeguarded. ...
- Europol, Microsoft, TrendAI and Collaborators Halt Tycoon 2FA Operations
March 4, 2026
Researchers from TrendAI have been tracking the infrastructure, as well as the campaigns and operator behaviors that can be linked to Tycoon 2FA to build a clearer picture of how its services was being used at scale. By November 2025, TrendAI had collected enough data to link the operation to an actor using the monikers “SaaadFridi” ...
- Hacktivists may have just cracked open ICE and exposed over 6,000 companies working with the DHS
March 3, 2026
A hacktivist group has claimed to have broken into systems belonging to the US Department of Homeland Security (DHS) and exposed sensitive files online. The group, with the self-awarded name “The Department of Peace”, stole data from the Office of Industry Partnership that contained contracts between DHS, Immigration and Customs Enforcement (ICE), and over 6,000 private ...
- Fooling AI Agents: Web-Based Indirect Prompt Injection Observed in the Wild
March 3, 2026
Large language models (LLMs) and AI agents are becoming deeply integrated into web browsers, search engines and automated content-processing pipelines. While these integrations can expand functionality, they also introduce a new and largely underexplored attack surface. One particularly concerning class of threats is indirect prompt injection (IDPI), in which adversaries embed hidden or manipulated instructions within ...
- LexisNexis hacked, 2 GB of structured data allegedly exposed
March 3, 2026
The hacker group FulcrumSec is taking responsibility for a data breach of information from LexisNexis. The group claims to have hacked into the LexisNexis servers on Feb. 24. It posted about the hack and alleged it got access to over 2 gigabytes of structured data. “We exfiltrated 2.04 GB of structured data from LexisNexis AWS infrastructure ...
- Scammers try to SIM-swap Dubai citizens hours after Iranian missile strikes
March 2, 2026
Scammers targeted Dubai citizens mere hours after missiles struck the city, attempting to gain access to their bank accounts, police have warned. Financially motivated cybercriminals are contacting citizens under the guise of Dubai Crisis Management, a fictitious department ostensibly tied to Dubai Police, in attempts to gather information that could be used in SIM-swap attacks. The ...