Edtech Company Instructure Reveals Data Breach Following Ransom Demands

Post Views: 9

Data Breach at Instructure Exposes Sensitive Information

Instructure, a leading education technology company, has disclosed a recent data breach caused by a cyberattack that disrupted services and exposed sensitive user information.

According to Instructure, the breach occurred on April 30, with the company’s Canvas learning platform being severely impacted. The cyberattack, attributed to external hackers, resulted in unauthorized access to personal information, including names, addresses, and student identification numbers. User messages were also compromised during the breach. However, Instructure assured that passwords, dates of birth, government identifiers, and financial information were not accessed.

Immediate Response and Containment Measures

Upon discovering the breach, Instructure swiftly mobilized its team to contain the incident. The company announced that it had retained external forensics experts to investigate the matter and was working closely with them to determine the full extent of the breach.

Revoking privileged credentials and access tokens
Deploying security fixes
Implementing enhanced monitoring
Issuing new application keys, requiring users to reauthenticate access to tools

ShinyHunters Extortion Group Claims Data Theft

The notorious ShinyHunters extortion group added Instructure to their leak site on May 3, claiming the theft of 3.65 terabytes of data. The threat actor alleged that the stolen information belonged to 275 million students, teachers, and other individuals at nearly 9,000 education institutions worldwide.

Instructure confirmed the breach but declined to provide further details regarding the number of institutions and users affected. The company also refused to disclose information about the specific threat actor behind the incident.

Ongoing Investigation and Security Measures

Security teams and researchers continue to analyze the situation, providing updates on the ongoing investigation and potential implications for the affected parties. As the situation unfolds, stakeholders are advised to remain vigilant and monitor official announcements from Instructure for further guidance.