Stolen Canvas data was “returned” after hacker agreement, Instructure says


The Instructure/Canvas data breach that has dominated cybersecurity coverage recently has reached a new stage.

Millions of students had personal data stolen, with extortion group ShinyHunters claiming credit for the data breach and applying extra pressure for their ransom demands by bothering Canvas users directly.

Which seems to have paid off. On the Instructure web page about the recent data breach, a status update dated May 11, 26 says:

“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority.

With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident.”

Read more…
Source: Malwarebites Labs


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Fortinet Supports INTERPOL-led Cybercrime Operation across the Association of Southeast Asian Nations (ASEAN)

    April 24, 2017

    Fortinet has partnered with INTERPOL over the past two years to assist in identifying and thwarting cybercrime. Today, INTERPOL announced that a new operation across the ASEAN region, built around threat intelligence provided by Fortinet and other public and private sector security organizations, has resulted in the identification of nearly 9,000 Command and Control (C2) ...

  • US Court Sentences Russian Lawmaker’s Son to 27 Years in Jail for Hacking

    April 21, 2017

    The son of a prominent Russian lawmaker was sentenced on Friday by a US federal court to 27 years in prison after being convicted of stealing millions of US credit card numbers and causing some $170 million in damages to businesses and individuals. This sentence is so far the longest sentence ever imposed in the United ...

  • Improved cyber security for General Election after Russian hacking scandal

    April 21, 2017

    Cyber security chiefs are to give fresh guidance to protect the general election from being disrupted by hackers. Just weeks ago, Ciaran Martin, chief executive of the National Cyber Security Centre, briefed political party bosses on how they can defend their organisations from online attacks. They were given an overview of threats, case studies on recent cyber ...

  • Hong Kong to tighten cyber security rules after broker hacks

    April 20, 2017

    Hong Kong plans to toughen information security rules after a series of embarrassing hacks at the city’s brokers, the securities regulator said on Thursday. The draft rules would likely include requirements for two-step authentication for account log-in and for brokers to notify clients when a transaction had been made, a Hong Kong Securities and Futures Commission ...

  • Hackers Dump 1.7 Million Snapchat User Data on Dark Web

    April 18, 2017

    Anonymous Indian hackers are taking revenge on Snapchat’s CEO and claim to have leaked a database containing the credentials of 1.7 million users. The hackers are particularly upset after Evan Spiegel,Snapchat CEO, reportedly made a rather nasty remark regarding expansion plans. According to claims that emerged last week as an ex-employee filed a lawsuit against the ...

  • Hajime worm battles Mirai for control of the Internet of Things

    April 18, 2017

    A battle is raging for control of Internet of Things (IoT) devices. There are many contenders, but two families stand out: the remains of the Mirai botnet, and a new similar family called Hajime. Hajime was first discovered by researchers in October of last year and, just like Mirai (Linux.Gafgyt), it spreads via unsecured devices that ...