Underlines News
Underlines News

Technology & Science

ShinyHunters Ransom Note Shuts Down Canvas LMS Worldwide

On 7 May 2026 the cyber-extortion gang ShinyHunters hijacked Canvas portals across thousands of schools, forcing Instructure to pull the learning platform offline and giving institutions until 12 May to pay or see stolen data dumped.

By Underlines Team

Focusing Facts

  1. Instructure moved Canvas, Canvas Beta and Canvas Test into “maintenance mode” at 2:41 p.m. MT on 7 May 2026 after the ransom banner appeared.
  2. Instructure’s 4 May disclosure said the attackers extracted users’ full names, email addresses, student ID numbers and in-platform messages, but not passwords or financial data.
  3. Canvas reports over 30 million active users at more than 8,000 institutions, many of which were in the middle of spring final exams when the outage hit.

See how 3 sources reported this story.

Where they agree. Where they disagree. What they left out.

  • Full multi-perspective analysis on every story
  • Primary source links for every claim
  • Daily email briefing — no algorithm

Perspectives in this article

  • National mainstream media outlets
  • Local and regional U.S. news outlets focusing on affected campuses
  • Industry-oriented or corporate-statement driven coverage
Share

Related Stories

Global & US Headlines

US Retaliates After 3 Destroyers Targeted, Testing 1-Month Hormuz Ceasefire

Global & US Headlines

May 8 Missile–Naval Clash Shreds U.S.–Iran ‘Cease-fire’ as Israel Hits Proxies

Global & US Headlines

US–Iran Float 14-Point Interim Pact to Reopen Strait of Hormuz