Final exams were already stressful enough. Then thousands of students across the US opened Canvas and found a ransom note instead of their coursework.
For several hours on Thursday, the education platform used by schools like Harvard, Columbia, Georgetown, and the University of Michigan suddenly went offline. Professors couldn’t upload materials. Students couldn’t access assignments, lecture notes, or revision guides. Some schools even pushed back exams and deadlines because the disruption hit right in the middle of finals season.
Behind the outage was a hacking group called ShinyHunters, which claimed responsibility for breaching Instructure, the company behind Canvas.
And this wasn’t just a simple website outage.
Earlier in the month, Instructure admitted it had suffered a cybersecurity incident involving stolen student and teacher data. According to the company, exposed information included names, email addresses, student ID numbers, and even messages exchanged between students and teachers. Then, days later, students logging into Canvas were greeted with a direct message from the hackers themselves.
“The group said it had hacked Instructure ‘again’ after the company failed to contact it to resolve its security issue.”
That detail changed the mood completely. What first looked like a technical outage quickly started feeling more personal and more aggressive.
According to ransom notes shared online, ShinyHunters claimed to have data linked to nearly 9,000 schools and hundreds of millions of users. The group threatened to leak “several billions of private messages among students and teachers” if negotiations didn’t happen by May 12.
For students, though, the bigger issue was immediate panic.
One student from the University of Pennsylvania said they were suddenly logged out while studying for finals. Another student described the outage as “a little bit of a freakout.” At MIT, professors reportedly scrambled to manually find students’ email addresses because Canvas had become the central link between staff and students.
That’s the part that stands out most about this story. Platforms like Canvas quietly became the backbone of modern education. Lecture recordings, assignments, grades, announcements, revision notes, class discussions — everything lives there now. When the system goes down, an entire academic workflow freezes with it.
And hackers know that.
Education platforms have increasingly become attractive targets because schools hold enormous amounts of personal data but often don’t have the same cybersecurity budgets or response systems as banks or major tech firms. Groups like ShinyHunters understand the pressure too. Disrupting a platform during exam season creates urgency fast.
Instructure later said Canvas was “fully operational” again for most users, but the incident leaves a bigger question hanging over schools everywhere: what happens when one platform becomes too important to fail?
Because for many students this week, losing access to Canvas didn’t just feel like a server issue. It felt like losing access to school itself.
Ogbonda Chivumnovu
