The widely used education platform Canvas faced a major ransomware attack this week, which caused significant disruptions to thousands of schools across the U.S. The breach forced universities like Harvard and Columbia into ‘maintenance mode’ as they grappled with student logins and assignments.

Instructure, the company behind Canvas, experienced a cybersecurity incident in May 1st and revealed that the stolen data included names, email addresses, student IDs and messages from students. However, it was only on Thursday when the full impact hit, as schools reported difficulties logging into their portals and Canvas itself went offline for some users.

Adding to the chaos, hackers behind the ShinyHunters moniker defaced some schools' login pages with their own message, threatening that data would be released if a ransom was not paid by May 12. The company did not respond immediately to these demands, highlighting the ongoing issue of data extortion in tech.

While Instructure marked Canvas as fully operational on Wednesday, Thursday’s issues were a stark reminder of how critical online learning platforms can be and the potential for attacks to disrupt entire educational systems. As cyber threats continue to evolve, so too must our preparedness and response mechanisms.