Instructure, Canvas’s parent company, shut down all servers following a cyberattack on many of its sites, Trinity Information Technology Services announced to students, faculty and staff on May 7. Service returned later the same day.
Across the country, universities have reported being part of a 3.75 terabyte data breach targeting educational institutions that use Canvas. The cybercrime group demanded payment from affected universities by May 12, threatening to leak their users’ data. The group did not breach Trinity’s data, but the large-scale attack caused Instructure to shut down every school’s servers.
Previous attacks, including one in late April and the beginning of May, have stolen private messages and personally identifying information, but the breadth of Thursday’s breach is unclear.
A data-theft and breach-focused group called the “ShinyHunters,” who became prominent in 2020 for the theft of over 200 million records from 13 different companies, claimed responsibility for the breach. Users at affected universities were redirected to a message from the group, but Trinity affiliates were not redirected to this message.
A link was provided to a list of schools whose data had already been leaked from previous attacks, including San Antonio schools like University of Incarnate Word, St. Mary’s University and University of Texas San Antonio. This list does not include Trinity.
ITS did not respond for comment by the time of publication.
*This story was updated on May 8 to correct multiple factual inaccuracies. Trinity’s data was not breached; the website closure was caused by Instructure shutting down its servers. Trinity users were not directed to the ShinyHunters message, and Trinity was not asked to pay the cybercrime group. We apologize for the inaccuracies in this article, and we remain committed to accurate and truthful reporting.
