The strike of the instruction is against the destroyers who have violated it twice

Education, which makes the popular school information site Canvas, said on Tuesday it had “contracted” with hackers who breached its systems twice, stole information about students and staff, and compromised thousands of schools that rely on the company’s software.

ShinyHunters, an online financial services group, took credit for a data breach on April 29, saying it stole student and employee information, including personal information, of 275 million people. The hackers said they compromised Canvas, which nearly 9,000 schools use to manage their student data and curriculum.

Hackers last week breached the company again, disrupting Canvas login pages on school websitesas part of an attempt to force the company to pay their ransom.

The instruction said his event page late Monday that as part of the agreement, the hackers provided evidence that the stolen data was destroyed, and that Canvas customers would not be affected.

The company admitted that “there is no absolute guarantee” when dealing with cybercriminals, but it also noted that customers should not be dealing with hackers.

The financial terms of the deal were not disclosed, and Instructure did not say how much it paid. Education spokesman Brian Watkins did not respond to a request for comment, or respond to questions about the contract when contacted Tuesday.

In a post on its leak page, seen by TechCrunch, ShinyHunters threatened to release the hacked data it stole from Instructure if the company didn’t pay what it demanded.

By Tuesday, the listing had been removed from the ShinyHunters website, suggesting that a ransom may have been paid.

A representative for ShinyHunters told TechCrunch: “Deleted, gone. The company and its customers (sic) will not be monitored or contacted by us for payment.”

It is unclear why Instructure paid the hackers. Governments, including the United States, have he encouraged victims of cyberbullying not to pay ransom to hackers, as this helps cybercriminals profit from their attacks. Security researchers have disputed that Victims will not believe the words of the perpetrators – some cyber criminals have been discovered storing stolen data although it is said that he removed it in order to continue extorting the victims.

The Instructure hack marks a cyberattack on PowerSchool, which was affected by a major data breach impacting 70 million students and employees in 2024. PowerSchool, which also develops school information software, paid the hackers to return stolen data, but several of his clients were later he was taken over by another criminal group which shows the data from the breach that was not destroyed.

The FBI said in a sentence last week that it was “aware” of the system disruption affecting schools and educational institutions around the United States. The notification did not name Canvas, but it said that victims should not “send payments or respond” to the demands of cybercriminals.

The information stolen from Instructure, some of which TechCrunch has seen, includes students’ names, their email addresses, and messages exchanged by teachers and students, including private and personal information.

On its website, Instructure acknowledged that hackers had breached the company’s systems twice in less than a year, but said the two breaches were “separate incidents” involving different systems.

Instructure said it is still investigating the breach and confirming its findings.

It is unclear who at Instructure is in charge or responsible for cybersecurity, if not the company’s CEO, Steve Daly. When contacted by TechCrunch, Instructure would not say whether Daly plans to resign following the data breach.

Are you a Canvas administrator or school notified of a breach? Have you ever received malicious requests from hackers? We want to hear from you. To connect to this reporter securely, access it through the Signal username zack whittaker.1337.