GoKawiilThe hacker behind a breach at education technology giant Instructure claims to have stolen 280 million records tied to students and staff from 8,809 colleges, school districts, and online education platforms.
Instructure is a cloud-based education technology company best known for its Canvas learning management system, which schools and universities use to manage coursework, assignments, grading, and communication.
Last Friday, Instructure disclosed that it was investigating a cyberattack and later revealed that it had suffered a data breach, during which users' names, email addresses, and private messages were exposed.
The ShinyHunters extortion gang claimed responsibility for the attack and says it stole 280 million records for students, teachers, and staff.
Instructure listing on ShinyHunters data leak site
The threat actors have now published a list of 8,809 school districts, universities, and educational platforms whose Canvas instances were allegedly impacted by the attack, sharing record counts per institution with BleepingComputer.
The record counts for each educational institution range from tens of thousands to several million per institution.
BleepingComputer is not naming specific organizations listed by the threat actor, as we have not independently verified whether they were impacted by the breach.
The threat actor claims the data was stolen using Canvas data export features, including DAP queries, provisioning reports, and user APIs, and that they harvested hundreds of gigabytes of user records, messages, and enrollment data.
While Instructure has not responded to repeated emails regarding the incident, some universities have begun issuing statements about the potential impact.
... continue reading