The US parent company of online learning system Canvas said on Monday it has reached a settlement with a hacking group that stole student and school data on the educational platform.
What’s the latest?
The instructor said in a statement posted online that it “has reached a settlement with the unauthorized actor involved in this incident.”
The company said “the data was returned to us” and “we received digital confirmation of the data destruction (shred logs).”
“There will be no extortion of any Instructor customer, publicly or otherwise, as a result of this incident,” the statement said. “This settlement covers all affected Instructor customers, and there is no need for individual customers to attempt to connect with the unauthorized actor.”
The instructor first said it was investigating a cybersecurity incident regarding Canvas on May 1.
The hacking group ShinyHunters claimed responsibility for the breach in a May 3 post on its website. ShinyHunters said it seized about 6.65 terabytes of Canvas data in the hack.
The group said it would release data related to about 9,000 schools around the world if educational institutions do not pay the ransom by May 6. ShinyHunters then pushed back the deadline as it said negotiations were ongoing with some schools.
ShinyHunters is reportedly made up of young adults and teenagers in the US and UK and has previously been accused of hacking online sales platform Ticketmaster.
Canvas is ‘fully operational and safe to use’
Instructables CEO Steve Daly apologized for the hack and said that Canvas is “fully operational and safe to use.”
“Over the past few days, many of you faced real disruption. Stress on your teams. Missed moments in class. Questions you couldn’t get answered. You deserved more consistent communication from us, and we didn’t get it. I’m sorry for that,” Daly said.
Usernames, email addresses, course names, enrollment information and messages are some of the information compromised in the hack, Daly said.
Canvas serves as a hub for digital and course content, a gradebook, and a platform for instructors and students to talk with each other.
The hack affected some universities during the final examination period, with the hack leaving students unable to access review materials on the Canvas platform. The University of Massachusetts at Dartmouth and the University of Illinois were among the institutions that postponed exams due to the breach.
Edited by: Jennifer Cimino Gonzalez