Instructure strikes deal with hackers after massive Canvas cyber breach hits universities | CBC News

Instructure strikes deal with hackers after massive Canvas cyber breach hits universities | CBC News

Briefly

"Instructure reached an agreement with the unauthorized actor involved in this incident, the company said in statement posted online late Monday. As part of the deal, the company said the impacted data was returned and that it had also received digital verification the data was destroyed (via "shred logs"). Instructure said it received an assurance that none of its customers would be extorted "as a result of this incident, publicly or otherwise" and specified that "there is no need for individual customers to attempt to engage with the unauthorized actor.""

"No further details about the deal were disclosed, including whether it involved payment. A hacker group called ShinyHunters, previously tied to breaches at Ticketmaster and Google's Salesforce database, quickly claimed responsibility for the cyberattack last week. The group claimed it had compromised the personal info of 275 million people and had threatened to publicly release the stolen data full names, email addresses, student numbers and personal messages, according to Instructure unless paid an undisclosed sum."

"In an online message, a ShinyHunters representative told Reuters the "data is deleted, gone. The company and its customers will not further be targeted or contacted for payment by us." The rep declined to answer specific questions about the agreement. At schools and universities, instructors use Canvas to share a wide range of material with students, from course notes to media to exams. They might also use it to communicate and share grades or other updates, while students at some institutions also use the platform to submit their assignments."