Cyber attack hits thousands of colleges and universities
A global cyber attack disrupted online learning systems at colleges and universities around the world this week, locking students out of coursework and exams near the end of the spring…
A global cyber attack disrupted online learning systems at colleges and universities around the world this week, locking students out of coursework and exams near the end of the spring semester.
The attack targeted Canvas, a widely used online learning platform owned by Instructure. Schools across the United States, Canada and Australia reported outages and access problems.
The hacking group ShinyHunters reportedly claimed responsibility.
By Thursday evening, Instructure said Canvas had become available again “for most users,” but problems remained at some schools Friday.
Schools warned students not to log in while administrators and cybersecurity teams worked to contain the fallout.
The University of Sydney told students on Friday that “Canvas was unavailable” due to the outage tied to the attack.
“We are one of approximately 9000 institutions around the world that are impacted by this outage, and we are still waiting for advice from Instructure,” the university said in a statement.
The school acknowledged the disruption came at one of the worst possible times for students.
Meanwhile, Penn State University informed students on Thursday that “no one has access” to Canvas. The school also warned students that a resolution likely would not come “within the next 24 hours.”
Penn State canceled some exams scheduled for Thursday and Friday as the outage continued.
Other schools also took emergency measures.
The University of British Columbia in Vancouver told students Canvas was “unavailable due to a cyber breach of its parent company Instructure.” The university urged students to log out immediately.
The University of Toronto said “multiple universities were affected” by the breach.
At the University of California, Los Angeles, students struggled to upload assignments through the system. The University of Chicago temporarily shut down access to its Canvas page after reports surfaced that hackers targeted the school.
The student-run Chicago Maroon newspaper published what appeared to be a ransom message from ShinyHunters.
The message reportedly urged the university to contact the hackers privately “to negotiate a settlement” and avoid “the release of their data.”
Luke Connolly, a threat analyst with cybersecurity firm Emisoft, told the Associated Press that screenshots suggested the threats began last Sunday.
Connolly said negotiations over extortion payments could still be happening.
The cyber attack also renewed concerns about how heavily schools depend on centralized technology systems. When those systems go down, students and teachers can lose access to assignments, exams and communication almost instantly.


