A hacker has claimed to compromise edtech giant Instructure, saying it stole over 280 million records of students and staff from around 8,809 school, colleges, and online education platforms.
About Instructure
It is a cloud based edtech company famous for its Canvas LMS which is used by education institutes to handle academic work like grading, communications, and assignments.
About the hack
Recently, Instructure revealed that it was hacked; emails, users’ names and private conversations were leaked.
ShinyHunters gang the alleged culprit
The ShinyHunters extortion gang claimed responsibility for the attack and says it stole 280 million records for students, teachers, and staff.
Academia suffered damage
The threat actors have now published a list of 8,809 school districts, universities, and educational platforms whose Canvas instances were allegedly impacted by the attack, sharing record counts per institution with BleepingComputers.
According to Bleeping Computers, “the record counts for each educational institution range from tens of thousands to several million per institution.”
Attack tactic
The hacker claims that the data was stolen through Canvas. Instructure has not replied to Bleeping Computers’ emails, but a few universities have started releasing statements regarding the matter. “BleepingComputer is not naming specific organizations listed by the threat actor, as we have not independently verified whether they were impacted by the breach,” it said.
Bleeping Computers added that the “threat actor
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: