Edtech Company Instructure Reveals Data Breach Following Cybersecurity Threats
Instructure Discloses Data Breach Following Hackers’ Leak Threats
On April 30, education technology company Instructure reported a data breach stemming from a recent cyberattack.
“The attack was carried out by hackers who gained access to sensitive information, including names, addresses, and student ID numbers.” – Instructure statement
The incident, which occurred over the weekend, disrupted services reliant on API keys but was largely resolved by May 3, when access to the Canvas Data 2 platform was restored.
- The cyberattack was attributed to the notorious ShinyHunters extortion group, who boasted that they stole 3.65 terabytes of data.
- Investigation revealed that the attackers accessed Instructure’s Salesforce instance, potentially affecting 9,000 education institutions worldwide.
- While the exact number of institutions and users impacted remains unclear, Instructure stated that it is working closely with forensic experts to understand the extent of the breach and mitigate its effects.
- As a precautionary measure, Instructure reissued application keys, requiring users to reauthorize access to tools.
- The company also revoked privileged credentials and access tokens, deployed security fixes, and enhanced monitoring to prevent similar incidents.
Security researchers and experts are urging organizations to maintain robust security protocols and stay vigilant against increasingly sophisticated threats, particularly in the education sector.
“Organizations must adapt their defense strategies to address the evolving threat landscape, involving advanced threat detection, regular security audits, and employee training to ensure a culture of security awareness within the organization.” – Security expert
Instructure’s experience serves as a stark reminder of the importance of proactive cybersecurity measures and the need for organizations to prepare for potential breaches.
About Author
English