Canvas has been restored to Fullerton College students on Friday after a temporary shutdown because of a data breach. Students across the country received ransom messages aimed at the schools after the breach at Instructure, the developer of Canvas. Other schools continue to face issues with the application.
Fullerton College faculty and students received an alert on Monday that Instructure would be offline until further notice after a cybersecurity breach on May 1. According to the alert and Instructure, the breach was fully contained on May 2; however, students across the country are still unable to access their portals during the upcoming finals week.
The hacker group, ShinyHunters, claims that they have accessed user information and threaten to expose user data unless individual schools contact the group and reach a settlement.
According to screenshots from multiple students of a note left on Canvas by ShinyHunters, the group has previously breached the developer and has been “rooting” the Instructure system since 2019.
“ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it, they ignored us and did some security patches,” they said in the note.
It states that any of the schools that were affected by this hack can contact them privately, or else they will leak private information of students across nearly 9,000 schools nationwide. According to the article, ShinyHunters have exfiltrated several terabytes of data of about 275 million users.
According to some students, Canvas is back up, and they can access their classes at Fullerton College. However, students at other schools are still unable to get any work done through their Canvas portals.
“I can log onto the website, but I’m not able to access my classes, and the app isn’t working,” said Andres Ortiz, an online student at Cerritos College. “I have a test today, and I don’t know if I’ll be able to take it on time.”
The hacker group gave Instructure a deadline to contact them by May 12, or they will release any obtained information.
“It is possible that some information about users was obtained,” said NOCCCD Vice Chancellor Jennifer Vega La Serna in an email to faculty. “Information involved in this incident consists of certain identifying information of users at affected institutions, such as names, email addresses, and student ID numbers, as well as messages among users.”
In the email, La Serna claims that Instructure has found no evidence that passwords, birthdates, government identifiers and financial information were breached by the hackers.
The email also outlined general precautions to take, including suspicious emails and messages, and to keep a lookout for phishing attempts by looking at the emails of the senders to verify the legitimacy, instead of relying on the names.
On May 7, a system alert was sent out via MyGateway advising students not to attempt to log into their Canvas accounts until further notice and not to download any files if they are met with the option.
NOCCCD removed the option to get to Canvas through MyGateway until further notice. As of the most recent alert on Friday, the option to get to Canvas through the portal is available, and Canvas is running normally. District officials warn users not to enter their username or password on a Canvas page that does not redirect through the official MyGateway multi-factor authentication.
Faculty are asked to be flexible with students when it comes to assignments due to the outage and to lower the risk of students potentially having their information being leaked. It is also communicated to consider temporary methods for instructional continuity.
According to FC Campus Communications Director Miranda Bates, the district security team is working with the California Community Colleges Chancellor’s Office to continue closely monitoring the situation.
Instructure and NOCCCD have not responded for comment.
