Hackers steal students’ data during breach at education tech giant Instructure
Source: TechCrunch
Breach Overview
Education tech giant Instructure has confirmed a data breach affecting students’ private information. The hacking and extortion gang ShinyHunters claimed responsibility for the breach.
The hackers say they stole:
- Students’ names
- Personal email addresses
- Messages sent between teachers and students
These are the same types of data Instructure admitted were stolen.
ShinyHunters Activity
Instructure is the latest corporate giant targeted by ShinyHunters. In recent months the group has:
- Targeted universities – see the breach at Harvard and UPenn:
- Attacked cloud database companies – e.g., Salesforce:
Their typical approach involves stealing large amounts of personal information and threatening to publish it online unless a ransom is paid.
Sample Data Provided to TechCrunch
A ShinyHunters member shared a sample of the stolen data that included information from two U.S. schools (one in Massachusetts, one in Tennessee):
- Massachusetts school: messages containing names, email addresses, and some phone numbers.
- Tennessee school: students’ full names and email addresses.
The sample did not contain passwords or other data that Instructure said were unaffected by the breach. The schools were not named, as they have not been confirmed as victims.
Both schools appear to use Instructure’s Canvas platform, which supports coursework management, assignments, and communication.
Scope of the Alleged Breach
ShinyHunters also released a list of about 8,800 schools allegedly affected. TechCrunch could not verify whether all listed institutions are Instructure customers. Instructure’s website states it serves over 8,000 institutions: .
On the hackers’ data‑leak site, they claim the breach impacted close to 9,000 schools worldwide and the data of 275 million people (students, teachers, staff). In an online chat, a ShinyHunters member told TechCrunch that the total unique email addresses in the stolen data amount to 231 million. Such figures are often exaggerated by financially motivated groups to attract media attention and pressure victims.
Instructure’s Response
When contacted, Instructure spokesperson Kate Holmes redirected inquiries to the company’s official status page: where updates on the breach are posted.
As of Tuesday, Instructure reported that some products, including Canvas, have been restored for customers after maintenance.