On Thursday, May 7, students across Wake County opened Canvas to a screen informing them that the platform had been hacked. The large-scale group “ShinyHunters” claimed responsibility for the outage and urged Instructure to contact them and pay a ransom to prevent an intentional data leak by May 12. As of Monday, May 11, students are still without access to Canvas in their portals, forcing teachers to find alternative methods of publishing and grading assignments.
Canvas is an educational platform used by an estimated 41% of educational institutions, including over 8,000 schools, colleges and universities globally. The organization allows teachers to publish assignments, as well as providing a secure place for students to submit them. Additionally, it is used for various testing purposes through its secure lockdown feature. Because of this data breach, many student finals were rescheduled or canceled across the country.
Canvas servers were initially flagged for suspicious activity on April 25, 2026, carried out by a criminal threat actor. Instructure noticed the activity on April 29 and immediately removed access for the attacker. It is reported that personal data of students and staff may have been accessed, but it is unlikely that passwords, financial information, birthdays or other confidential information were taken.
The group responsible for the incident, ShinyHunters, was started in 2019 and is linked to larger hacking groups online. They have hacked many other platforms in the past, including Mathway, Pixlr, AT&T Wireless, Powerschool and more. They claimed to have taken data from Microsoft as well, and have targeted college and university data from Princeton, Harvard and more.
Many students were initially worried about the hack, as their personal information was at risk. One student, Samuel Combs (‘26), gave his opinion on what had happened. His initial reaction was annoyance, as he was in the middle of assignments for his class, but he quickly became worried when he realized the potential gravity of the situation.
He discussed how, “Canvas has so much of our personal information, and that’s now in unsafe hands, which scares me,” parroting the feelings that many other students have expressed. He then went on to explain what precautions and next steps that he hoped WCPSS would take. “I hope they deal with the issue in whatever way protects their student’s safety and privacy the most effectively,” Combs expressed.
The issue has affected both teachers and students academically over the duration of the attack, and Combs discussed how, “It closed off some resources, but the classes I am in aren’t entirely reliant on it, so if anything, it was just inconvenient.” While Combs wasn’t affected much, many teachers saw their main platform for teaching shut down, and had to turn to alternative methods. Many teachers gave students links to resources or calendars, while others turned to paperwork.
Although access to Canvas is still limited for students and staff within WCPSS, many other schools across the country have opened access to their Canvas pages, and WCPSS is expected to soon follow. Until then, other methods have to be utilized by teachers to continue teaching.
