Hackers deface school login pages after claiming to have hacked Instruction

Tuesday, higher education technology Instructure disclosed the data breach where hackers steal students’ personal information, including their names, email addresses, and messages sent between teachers and students.

Now, it appears hackers have managed to compromise Education again – this time compromising multiple school login pages on the company’s Canvas platform, which allows schools to manage courses and services and communicate with students.

TechCrunch spotted a message posted by a cybercrime group ShinyHunters on the Canvas login pages of three different schools. A review of the compromised portals suggests that the hackers injected an HTML file that modified the user interface to display their message.

The message says the hackers will release the stolen data on May 12 if the company “does not negotiate a settlement.”

At the time of writing, the Instructure website appears to be a bit offline, sometimes throwing up “too many” errors. The company’s Canvas portal displayed a notice saying it was “currently under construction.”

Education did not immediately respond to TechCrunch’s request for comment.

ShinyHunters He previously claimed responsibility for the hacker, announcing on his leak page – a website hackers use to spread stolen information and force victims to pay a ransom – in an attempt to seize Instructional to pay to keep the data from going public. This new apparent hack, and the fact that the hackers chose to inform TechCrunch of the compromised login pages, shows that the hackers are trying to raise the pressure on Instructure and its customers, hoping to force them to do what they want.

It is unclear how the hackers were able to compromise the login pages. When contacted, a member of ShinyHunters told TechCrunch that he could not comment, but said this is a second, separate breach.

Following the initial breach of Instructure, the hackers reportedly hacked nearly 9,000 schools worldwide, with the stolen files reportedly containing the personal information of 231 million people.

The group has conned countless people over the past few years, following the same financial playbook: hack, advertise, and extort.