Canvas pays hackers to delete stolen student data after security breach
Canvas, the learning management system used by thousands of colleges and universities worldwide, has reached an agreement with hackers to delete stolen student data following a major security breach. The company confirmed it negotiated with the criminals responsible for the disruption affecting educational institutions globally.
TechnologyCanvas, one of the world's most widely used learning management platforms serving thousands of educational institutions, has confirmed it reached an agreement with hackers who conducted a significant cyberattack on the system. The breach disrupted access to Canvas across numerous colleges and universities, affecting millions of students and educators globally.
The company stated it has negotiated with the criminal group responsible for the attack, with the agreement involving payment to ensure the deletion of stolen student data. This approach represents a pragmatic but controversial response to the security incident, as it involves direct financial transactions with threat actors.
The Canvas platform, developed by Instructure, is relied upon by educational institutions to manage courses, assignments, grades, and student communications. The breach highlighted vulnerabilities in critical educational infrastructure and raised concerns about the security of sensitive student information stored on the platform.
The incident sparked broader discussions about cybersecurity in the education sector and the effectiveness of incident response strategies involving ransom payments. Educational institutions worldwide have been reassessing their data protection measures and cybersecurity protocols following the Canvas breach.
Open in app →