Hacking Group Disrupts Canvas Platform Nationwide, Stranding Students During Finals Week
A cyberattack on Canvas, one of the most widely used digital learning platforms in the country, left millions of students unable to access course materials, grades, and assignments during a critical stretch of the academic calendar Thursday — with the disruption hitting squarely in the middle of spring finals week at universities across the United States.
Students logging into their Canvas accounts were greeted not by coursework but by a ransom note from a hacking group calling itself ShinyHunters, which claimed responsibility for the breach and demanded contact from parent company Instructure before a May 12 deadline. The group warned of further data leaks if the company did not respond.
Instructure, which operates Canvas, acknowledged the disruption and placed the platform in what it described as “maintenance mode” while investigating. The company confirmed a separate cybersecurity incident occurred May 1, in which user names, email addresses, and student ID numbers were accessed before the breach was reportedly contained the following day. This week’s attack marks the second such incident within roughly two weeks.
Canvas serves more than 30 million active users at more than 8,000 institutions globally, making any prolonged outage a significant disruption — but the timing of this attack, during finals, amplified the impact considerably.
Universities and School Districts Nationwide Report Impact
Major institutions including Columbia University, Rutgers, Princeton, Harvard, Georgetown, and Kent State issued alerts to students acknowledging the widespread nature of the attack. School districts in more than a dozen states — including California, Florida, Georgia, Oklahoma, Oregon, Nevada, North Carolina, Tennessee, Utah, Virginia, and Wisconsin — also reported their Canvas sites were affected.
James Madison University went so far as to reschedule exams, pushing Friday testing to the following Wednesday to give students and faculty time to regain access to materials they needed.
While Idaho State University has not been named among the institutions publicly issuing statements as of publication, the breadth of the attack — spanning public school districts, community colleges, and large research universities — raises questions about how dependent schools at every level have become on a single digital platform. Idaho State University recently hosted the 2026 Eastern Idaho Science Olympiad, an event that drew student teams from across the region and underscored the university’s role as a hub for regional academic activity.
Students and Faculty Scramble for Alternatives
For many students, Canvas is not simply a convenient tool — it is the primary or sole channel for receiving assignments, submitting work, accessing lecture recordings, and communicating with instructors. The attack exposed just how deeply embedded the platform has become in daily academic life.
A junior at the University of Pennsylvania described being abruptly locked out of his account while studying and said the loss of access to study resources was the source of significant anxiety heading into exams. His professors, he noted, worked to distribute materials through alternative means.
A Georgetown University sophomore who had already returned home said her school’s Canvas homepage was replaced by a ransom note Thursday afternoon. While acknowledging that many classmates were distressed, she noted the incident resulted in deadline extensions that gave her additional time to review her work.
A senior at the University of California, Riverside, said she missed a quiz entirely due to the outage and expressed concern about an upcoming midterm for which she needed Canvas to review lecture recordings and course notes.
Perhaps most telling was the observation from a student at the Massachusetts Institute of Technology, who noted that faculty were scrambling to find student email addresses — a basic communication tool — because virtually all contact had migrated exclusively to Canvas. The incident highlighted a systemic vulnerability: when a single platform goes down, institutions lose not just a submission tool but their entire communication infrastructure with students.
Another MIT student noted that while some course content is hosted on outside websites, Canvas remains the central hub for grading, submissions, and class-wide announcements — making alternatives feel like a significant step backward in terms of functionality.
For graduating seniors at schools like Columbia, caught between end-of-year celebrations and looming final exams, the hack came at what one student called the worst possible time — particularly for those who had not yet begun intensive study preparation.
What Comes Next
ShinyHunters has set a deadline of May 12 for Instructure to make contact, warning that failure to respond could result in additional data disclosures. Instructure had not publicly confirmed direct communication with the group as of Thursday evening. Students and faculty at affected institutions are encouraged to check with their schools directly for guidance on exam schedules, deadline extensions, and alternative submission procedures. The full scope of compromised data from both the May 1 and May 8 incidents remains under investigation.