"Instructure, which operates the education platform Canvas, used by education providers worldwide, announced it had reached an agreement with the unauthorised actor behind the ransomware attack. Experts read the careful language as a sign that a ransom has been paid. The company has not confirmed. The question of whether firms should pay ransomware attackers to regain access to their systems, and potentially prevent further harm from the release of personal information of in some cases millions is one that thousands of companies face each year."
"The hacking group ShinyHunters claimed responsibility for the attack on Instructure. They had threatened to leak the reported 3.6TB of data comprising of student ID numbers, email addresses, names and messages from 9,000 schools and 275 million students and staff worldwide unless the company paid the ransom. Sign up for the Breaking News Australia email In Australia, more than two dozen universities and public and private schools in several states were victims of the attack."
"Instructure later confirmed that the hackers had exploited a vulnerability in its Free for Teacher software that allowed them to deface login pages, such as that for the University of Texas San Antonio, to alert users to the breach. The company said this week that the data was returned to it as part of the agreement it reached with the hackers, and also that they were shown digital confirmation of data destruction via shred logs a technical report that is generated by a program that processes data to be destroyed in a way that makes it no longer recoverable."
Instructure, which operates the Canvas education platform, reached an agreement with the unauthorized actor behind a ransomware attack after widespread outages and data theft. Hundreds of millions of students’ data were reported stolen, assignment due dates were delayed, and school login pages were defaced. The hacking group ShinyHunters claimed responsibility and threatened to leak about 3.6TB of data covering student and staff information from thousands of schools unless a ransom was paid. In Australia, multiple universities and schools were affected, leading to assignment extensions. Instructure said the attackers exploited a vulnerability in its Free for Teacher software to deface login pages and alert users. The company stated the data was returned and that digital confirmation of destruction was provided through shred logs, though complete certainty is not guaranteed.
Read at www.theguardian.com
Unable to calculate read time
Collection
[
|
...
]