ShinyHunters, a prolific criminal hacker and extortion group, has provided additional details about its recent breach of Canvas, a learning management system developed by Instructure.
The group claims that nearly 9,000 educational institutions are affected by the breach, which includes the personal information of 275 million users. On May 1, ShinyHunters announced that it had exfiltrated several terabytes of data and set a deadline for payment before "everything is leaked and there will be no chance at a negotiation for anyone."
Deadline Extension and Negotiation
On Thursday, the group presented a second message to Canvas users and extended the deadline for payment until May 12. The note reads, "ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some 'security patches'."
The group advised affected schools to consult security professionals and use the Tox messaging protocol to negotiate a "settlement." An attached list of affected institutions includes many school districts, along with well-known universities, such as Cambridge, Columbia, Cornell, Georgetown, Harvard, MIT, and UC Berkeley.
Affected Data and Organizations
There are mixed reports of exactly which organizations are affected and what sort of data is included in the breach. According to Tech Radar, affected data includes names, email addresses, student ID numbers, and user communications, but passwords, dates of birth, and financial information were not involved.
Instructure has not commented on the breach, and it is unclear what steps the company has taken to address the situation. The breach highlights the importance of cybersecurity in the education sector, where sensitive information about students and staff is often stored.
Impact and Response
The breach has significant implications for the affected schools and universities, which must now take steps to protect their students' and staff's personal information. This may involve notifying those affected, providing credit monitoring services, and reviewing their cybersecurity protocols to prevent similar breaches in the future.
ShinyHunters' actions have sparked concern about the group's motives and the potential consequences of their actions. The group's demand for payment in exchange for not releasing the stolen data has raised questions about the ethics of negotiating with hackers and the potential long-term consequences of such actions.
Cybersecurity Measures
The breach serves as a reminder of the importance of robust cybersecurity measures in the education sector. Schools and universities must ensure that they have adequate protections in place to prevent similar breaches, including regular security audits, employee training, and incident response plans.
Furthermore, the use of secure communication protocols, such as Tox, and the implementation of encryption technologies can help to protect sensitive information. The education sector must prioritize cybersecurity to prevent similar breaches and protect the personal information of students and staff.
The situation is ongoing, and it remains to be seen how Instructure and the affected schools and universities will respond to the breach. One thing is certain, however: the breach highlights the need for increased cybersecurity awareness and protection in the education sector.
- ShinyHunters claims nearly 9,000 schools are affected by the breach.
- The breach includes the personal information of 275 million users.
- Affected data may include names, email addresses, student ID numbers, and user communications.
- Passwords, dates of birth, and financial information were not involved in the breach.
The incident has sparked concern about the potential consequences of the breach and the need for increased cybersecurity awareness in the education sector. As the situation continues to unfold, it is essential for schools and universities to prioritize cybersecurity and take steps to protect sensitive information.
Source: CyberScoop