ShinyHunters Claims Canvas Breach as Platform Outage Hits U.S. Universities

Thousands of students across the U.S. lost access to the Canvas learning platform on Thursday. Universities investigated a cybersecurity incident that hit multiple institutions.

Canvas, a cloud-based system schools use to manage coursework, grades and communication, went offline for some users. The outage came during a key period as many colleges gave final exams.

The platform serves thousands of institutions nationwide. A long disruption could disrupt exams and deadlines. It also raised worries about student data exposure if hackers' claims hold up.

A message on some users' dashboards took responsibility for the outage. It said cybercrime group ShinyHunters had "breached Instructure (again)," the company that runs Canvas. The message told affected schools to "negotiate a settlement" to stop data release. It set a deadline of May 12, 2026.

University of Pennsylvania officials confirmed they knew of the issue. They worked to restore access. In a message to faculty and students, administrators said the school is "actively investigating" and "working with Instructure to restore access to Canvas as soon as possible." They noted the disruption "is not limited to Penn and is affecting multiple institutions."

Instructure posted on its status page that it is "currently investigating this issue." Earlier updates said the company had spotted a cybersecurity incident in recent days. It worked with outside experts.

Instructure did not respond right away to Fox News Digital's request for comment.

The outage followed ShinyHunters' claims earlier in the week. The group said it accessed data from thousands of schools using Canvas. It alleged it got user details like names, email addresses and student ID numbers. Instructure said it found no sign passwords or financial information were touched.

Student newspapers reported the message showed up briefly on Canvas. These included The Daily Pennsylvanian and Duke’s The Chronicle. It got replaced with a notice about "scheduled maintenance."

ShinyHunters has a record of high-profile data breach claims. It targeted education and technology companies before, including universities and vendors in recent months.

The full scope of the disruption remains unclear. Officials have not confirmed if data was accessed or released.