EdTech

A courthouse with magnifying glass over its dome, padlock on a broken chain, stack of files closing.

shinyhunters

Instructure Paid the Ransom. Congress Just Opened an Investigation.

Instructure paid ShinyHunters on May 11 to delete 3.65TB from 8,809 schools. Congress opened an investigation the same day. The vendor-paid-ransom precedent for SaaS is now set.

12 May 2026

A laptop with a defaced login screen, three schoolhouse silhouettes connected by lines, a "MAY 12" calendar tile, and a red-orange accent dot.

shinyhunters

Canvas Defaced Worldwide: ShinyHunters Tells Schools to Pay Up Individually by May 12

ShinyHunters defaced Canvas login pages worldwide on May 7 — disrupting finals week at Harvard, Penn, Duke, and Virginia Tech. The group claims 275 million records from 9,000 schools and is now telling individual schools to negotiate ransom payments by May 12. Instructure had declared the May 1 incident contained

08 May 2026

Burnt orange background with a central white laptop showing a warning triangle, surrounded by a graduation cap, an open book, and a wrench. Red-orange dots mark each focal point.

Cyber Attacks

Canvas Maker Hit With Second Security Incident in Eight Months

Instructure says its forensics team believes the latest attack is contained — but won't yet say what's been touched.

03 May 2026

A graduation cap silhouette with a digital fishing hook snagged on the tassel.

Data Breaches

ShinyHunters Hits Udemy: 1.4M Records After ADT Breach

Same group behind ADT 10M breach claims 1.4M Udemy users via SaaS vishing. Education sector PII and corporate data at risk. April 27 leak deadline looms. SAN FRANCISCO, CA — Less than a week after the ADT data breach exposed 10 million records, the notorious threat collective ShinyHunters has claimed

25 Apr 2026

A minimalist white line art document icon with a padlock being scanned by a geometric searchlight on a solid deep forest green background.

Data Breaches

LACOE Probes Potential Exposure of Employee Tax Records

The Los Angeles County Office of Education (LACOE) has launched a forensic investigation into potential unauthorized access to its tax document portal after fraudulent tax returns were reportedly filed in the names of school district employees. DOWNEY, CA — The Los Angeles County Office of Education (LACOE) is investigating a potential

23 Apr 2026

An open book and a cloud with an unlocked padlock on a yellow background, symbolizing the McGraw Hill breach.

Data Breaches

McGraw Hill Confirms Data Exposure Linked to Salesforce Misconfiguration

The education publishing giant is the latest victim of a widespread cloud configuration issue, with reports suggesting up to 13.5 million accounts may be impacted by an extortion-linked breach. NEW YORK, NY — McGraw Hill, one of the world’s "Big Three" educational publishers, has confirmed a significant

16 Apr 2026

A diploma scroll breaking into red data blocks as a large red hand pulls it apart, symbolizing data theft or cyberattack on sensitive information.

Data Breaches

Kaplan North America Notifies Users Following Data Breach

Educational services provider Kaplan North America, LLC has begun notifying an undisclosed number of individuals following a cybersecurity incident that exposed sensitive personal information. The breach, which was identified in early March 2026, has already triggered multiple class-action investigations and legal filings across several jurisdictions. Incident Discovery and Data Exposure

29 Mar 2026