"Instructure announced that the incident was perpetrated by cybercriminals and that it had retained outside forensics experts to investigate. 'We are working quickly to understand the extent of the incident and actively taking steps to minimize its impact,' the company said."
"The attackers gained access to personal information such as names, email addresses, and student ID numbers. 'At this time, we have found no evidence that passwords, dates of birth, government identifiers, or financial information were involved,' the company said."
"The infamous ShinyHunters extortion group added Instructure to its Tor-based leak site, claiming the theft of 3.65 terabytes of data. The threat actor claims the stolen information belongs to 275 million students, teachers, and other individuals at close to 9,000 education institutions worldwide."
Instructure, an education technology company, experienced a cyberattack that disrupted services and resulted in a data breach. The attack, disclosed on April 30, affected tools relying on API keys. By May 3, access to the Canvas Data 2 platform was restored. The company confirmed that personal information, including names and email addresses, was compromised, but no evidence of financial data being involved was found. The ShinyHunters group claimed responsibility, alleging the theft of 3.65 terabytes of data affecting 275 million individuals across nearly 9,000 institutions.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]