During a breach at education tech firm Instructure, hackers steal student data

Instructure has confirmed a data breach that exposed sensitive student information, with the hacking group ShinyHunters claiming responsibility for the attack. The breach has raised serious concerns across the education sector, as millions of students and institutions may be affected.

According to reports, the hackers accessed and stole personal data including students’ names, email addresses, and messages exchanged between teachers and students. However, the stolen data does not appear to include passwords or financial information, which the company says remain secure. A sample of the leaked data shared with media outlets showed details from two U.S. schools, including names, email addresses, and in some cases phone numbers.

The affected institutions are believed to be users of Canvas, Instructure’s widely used platform that helps schools manage coursework, assignments, and communication. The attackers also claimed to have a list of around 8,800 schools potentially impacted, though this number has not been independently verified. Instructure itself states it serves more than 8,000 institutions globally.

ShinyHunters has further claimed that the breach could involve data from up to 275 million individuals, including students, teachers, and staff. However, cybersecurity experts warn that such groups often exaggerate numbers to increase pressure for ransom payments and attract media attention.

This incident is part of a growing trend of cyberattacks targeting educational institutions and cloud-based platforms. Instructure has acknowledged the breach and restored some of its services, including Canvas, after temporary maintenance. The company says it is continuing to investigate the incident and will provide updates as more information becomes available.