Share and Follow
Thousands of students across the United States found themselves locked out of the Canvas learning platform on Thursday as universities scrambled to address a cybersecurity incident impacting multiple campuses.
Canvas, a widely used cloud-based system for managing coursework, grades, and communication, experienced outages for some users at a critical time when many colleges are conducting final exams.
With thousands of institutions relying on Canvas nationwide, any extended disruption could significantly affect exam schedules and academic deadlines. Additionally, there is growing concern about the potential exposure of sensitive student data if the hackers’ claims prove to be true.
Alicia Acuna shared with Fox News Digital that her son, who attends a university in Florida, was interrupted mid-exam when his computer screen was overtaken by a message, highlighting the widespread disruption students are facing during this crucial academic period.
The message, displayed on some users’ dashboards, claimed responsibility for the disruption and identified the cybercriminal group ShinyHunters as the perpetrators. They alleged to have “breached Instructure (again),” the company behind Canvas, and urged affected institutions to “negotiate a settlement” to prevent the release of data, with a deadline ominously set for May 12, 2026.
University officials confirmed they were aware of the issue and working to restore access. In a message to faculty and students, University of Pennsylvania administrators said the school is “actively investigating” and “working with Instructure to restore access to Canvas as soon as possible,” adding that the disruption “is not limited to Penn and is affecting multiple institutions.”
A Maryland school district also warned families and staff not to access the platform. Anne Arundel County Public Schools said it shut down access to Canvas after detecting suspicious activity and instructed users not to attempt to log in or enter their usernames or passwords “on any interface,” according to a message reviewed by Fox News Digital.
Instructure said on its status page that it is “currently investigating this issue.” Earlier updates indicated the company had identified a cybersecurity incident in recent days and was working with outside experts.
Cybercriminals stole Social Security and medical data in a hack of OnTrac that exposed users’ information. (Photo by Annette Riedl/picture alliance via Getty Images)
Instructure did not immediately respond to Fox News Digital’s request for comment.
The disruption followed claims by ShinyHunters earlier this week that it had accessed data tied to thousands of schools using Canvas. The group has alleged it obtained user information such as names, email addresses and student ID numbers, though Instructure has said it found no indication that passwords or financial information were compromised.
Student newspapers, including The Daily Pennsylvanian and Duke’s The Chronicle, reported that the message briefly appeared on Canvas before being replaced with a notice stating the platform was undergoing “scheduled maintenance.”
The hack comes amid colleges and universities final exam period at the end of the spring semester. (JHU Sheridan Libraries/Gado/Getty Images)
ShinyHunters, a group known for high-profile data breach claims, has previously targeted education and technology companies, including incidents involving universities and third-party vendors in recent months.
The full scope of the disruption and whether any data was accessed or released has not been confirmed.