Hacked educational platform partially restored for millions of students 

An educational platform used by thousands of schools and universities has been partially restored following an international cyberattack that caused major chaos as students prepare for end-of-year exams.

ShinyHunters, a hacking group, claimed responsibility for crashing the web-based educational platform Canvas, created by tech firm Instructure.

The group said it had stolen 3.5 terabytes of data, including names, email addresses, student ID numbers and private messages, and threatened to release this if ransoms were not paid by May 12.

Instructure’s website said on Saturday that Canvas is now “available for most users” and no incidents were reported on Saturday. It is not clear if a ransom was paid.

The University of Sydney reported on Saturday that Canvas had been restored but was not yet “accessible to staff or students, as we need to complete checks”.

Canada’s University of Alberta said Canvas was partially restored with “reduced functionality”.

The countries that have been affected include the United States, the Netherlands, Sweden, Australia and the United Kingdom.

According to Canvas, about 30 million people across the globe use its system. The breach reportedly targeted close to 9,000 institutions across the globe.

The Federal Bureau of Investigation said it was “aware of a service disruption” impacting a learning system, although it did not name Canvas, in a statement Friday.

“This disruption has impacted schools, educational institutions, and students across the country,” it said.

Al Jazeera’s correspondent in Florida, Phil Lavelle, said the hack could not have “come at a worse time” as many US schools are in the middle of exam season.

Institutions like Penn State, Harvard, Illinois, Columbia and Georgetown are all “scrambling” to extend or change exam deadlines, said Lavelle.

The Harvard Crimson, a student newspaper, said it could not access the platform since Thursday, with the University of Cambridge also saying it had “temporarily suspended access” to Canvas on Friday.

The Reuters news agency reported that, on May 5, the group posted a message saying Instructure had “not even bothered speaking to us” to prevent a data leak, and that their demand “was not even as high as you might think it is”.

The group is a global cybercrime syndicate that was established in 2019.

Over the years, they have claimed responsibility for cyberattacks, with the most recent data breach being Rockstar Games, a gaming giant that owns Grand Theft Auto.

“This goes to show how vulnerable schools are, how vulnerable other institutions are by individuals who seek to exploit or extort at the worst possible time – armed with just a keyboard and a mouse,” said Lavelle.