Instructure claims hackers returned stolen Canvas data after an extortion standoff

Instructure, the company behind the popular education platform Canvas, has reportedly resolved a tense standoff with hackers who claimed to have stolen sensitive data during a prolonged cyberattack. The attackers had defaced the platform's login page and threatened to leak the stolen data, prompting Instructure to take Canvas offline temporarily. Following an agreement with the cybercriminals, the stolen data has been returned, according to Instructure¹. The incident highlights the vulnerability of education technology platforms to cyber threats, which can have significant consequences for schools, students, and teachers. The resolution of the standoff may have prevented a potentially disastrous leak of sensitive information, but it also raises questions about the security measures in place to protect such platforms. This incident matters to cybersecurity practitioners because it underscores the need for robust security protocols to prevent and respond to cyberattacks on critical infrastructure, such as education platforms.