Educational technology company Instructure has confirmed that user data was compromised following a cyberattack, while the cybercriminal group ShinyHunters has claimed responsibility for the breach.
The U.S.-based firm is widely recognized for developing Canvas, a popular learning management platform used by schools, universities, and organizations to manage online coursework, assignments, and communication.
The company revealed on Friday that it had experienced a cybersecurity incident and had begun an investigation with the assistance of third-party cybersecurity specialists and law enforcement authorities. A follow-up statement issued on Saturday confirmed that certain user information had been exposed during the breach.
“While we continue actively investigating, thus far, indications are that the information involved consists of certain identifying information of users at affected institutions, such as names, email addresses, and student ID numbers, as well as messages among users,” reads the updated statement.
“At this time, we have found no evidence that passwords, dates of birth, government identifiers, or financial information were involved. If that changes, we will notify any impacted institutions.”
As part of its mitigation efforts, Instructure said it has implemented security patches, enhanced monitoring systems, and rotated application keys as a preventive measure. Customers have also been instructed to re-authorize access to the company’s API so that new application keys can be issued.
Although the company has not publicly addressed questions regarding the exact timing of the breach or whether it was facing extortion demands, ShinyHunters has added Instructure to its data leak platform.
“Nearly 9,000 schools worldwide affected. 275 million individuals data ranging from students, teachers, and other staff containing PII,” reads the data leak site.
“Several billions of private messages among students and teachers and students and other students involved, containing personal conversations and other PII. Your Salesforce instance was also breached and a lot more other data is involved.”
According to the cybercrime group, the breach occurred through a vulnerability in Instructure’s systems that has since been fixed. The hackers allege that the stolen information includes more than 240 million records linked to students, teachers, and staff members.
The leaked data is said to contain names, email addresses, enrolled course details, and private conversations between students and teachers. Information shared by the threat actors suggests the dataset may cover nearly 15,000 institutions across regions including North America, Europe, and Asia-Pacific.
At present, the full scope of the incident remains unverified, and independent confirmation regarding the number of affected schools and individuals has not yet been established
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: