Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" with the ShinyHunters extortion group to prevent the data stolen in a recent breach from being leaked online.
The company says over 30 million educators and students use its Canvas platform across more than 8,000 schools and universities worldwide.
In a Tuesday statement, Instructure said the cybercrime gang also returned the stolen data and provided shred logs confirming its destruction.
"We understand how unsettling situations like this can be, and protecting our community remains our top priority. With that responsibility in mind, Instructure reached an agreement with the unauthorized actor involved in this incident," it said.
"We have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise. This agreement covers all impacted Instructure customers, and there is no need for individual customers to attempt to engage with the unauthorized actor."
However, as the FBI has repeatedly warned, paying a ransom does not guarantee that threat actors will not also sell the stolen data to other cybercriminals or attempt to extort the victims again.
Instructure added that its leadership will share more information regarding the incident and the measures it has taken to secure its systems against future breach attempts in a May 13 webinar.
After the company confirmed that data had been stolen in the cyberattack, ShinyHunters claimed responsibility for the breach and said they stole more than 3.6TB of uncompressed data.
ShinyHunters' message on University of Texas San Antonio's Canvas login page
Instructure confirmed to BleepingComputer that ShinyHunters exploited a security issue in the Free-for-Teacher environment, a free, limited version of Canvas LMS for individual educators, to steal the data.