Subtitle Icon
Blog Tag

FERPA Compliance

AI Agents
API Security
Audit and Advisory
Automation Risk
Azure Security
Best Practices
Board Risk
Certification
Cloud Security
Compliance
Executive Risk & Board AdvisoryBlog Thumbnail
Blog Meta Icon
May 7, 2026
Blog Meta Icon
13 minute read

275 Million Users Exposed. 8,809 Schools Down. Instructure Calls It "Scheduled Maintenance."

On May 7, 2026, Instructure replaced an active ShinyHunters ransom message on Canvas with a fake “scheduled maintenance” page during finals week at 8,809 schools. This is the third Instructure breach in eight months — a pattern of failed customer service, failed honesty, and failed integrity that, when academic institutions depend on you, crosses into criminal dereliction of duty.

Vendor Risk
Vendor Transparency
Blog Meta Icon
Dipan Mann
Read