惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

D
Docker
爱范儿
爱范儿
人人都是产品经理
人人都是产品经理
博客园 - 司徒正美
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
量子位
罗磊的独立博客
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
小众软件
小众软件
C
Cybersecurity and Infrastructure Security Agency CISA
Cyberwarzone
Cyberwarzone
大猫的无限游戏
大猫的无限游戏
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
雷峰网
雷峰网
Simon Willison's Weblog
Simon Willison's Weblog
The Cloudflare Blog
博客园 - 三生石上(FineUI控件)
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园_首页
博客园 - 叶小钗
V
Vulnerabilities – Threatpost
T
The Exploit Database - CXSecurity.com
T
Tailwind CSS Blog
IT之家
IT之家
博客园 - 聂微东
Spread Privacy
Spread Privacy
V2EX - 技术
V2EX - 技术
S
Security Affairs
宝玉的分享
宝玉的分享
V
V2EX
C
Cisco Blogs
博客园 - Franky
美团技术团队
酷 壳 – CoolShell
酷 壳 – CoolShell
月光博客
月光博客
S
Securelist
J
Java Code Geeks
Webroot Blog
Webroot Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
P
Proofpoint News Feed
Last Week in AI
Last Week in AI
L
LINUX DO - 热门话题
NISL@THU
NISL@THU
WordPress大学
WordPress大学
W
WeLiveSecurity
T
Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
腾讯CDC
阮一峰的网络日志
阮一峰的网络日志

Security

Report: Business email compromise attacks surged dangerously in April Scope Systems confirms cyber incident, says no data loss occurred Instructure breach: ShinyHunters says ‘matter has been resolved’ Rapid7 launches Cyber GRC program to connect compliance with live risk data Australian federal budget 2026: The industry perspective Op-Ed: Microsoft May Patch Tuesday reveals 137 vulnerabilities Federal Budget 2026: The state of cyber security spending for the coming year OpenAI offers EU early access to its cyber security model Exclusive: Aussie firm Earth Systems listed by INC Ransom hacking group Op-Ed: Why Middle East tensions demand immediate action on OT security Institute of Public Accountants members hit by data breach Union demands answers on Qantas AI plans 1 in 3 small businesses don't think they're a cyber target, new research finds Exclusive: Aussie toy distributor listed by M3rx ransomware Exclusive: Australian Computer Society investigating possible breach after ShinyHunters hack claims The industry speaks – part 2: World Password Day 2026 Aussie schools breach: The Instructure hack “transcends an isolated IT incident” Exclusive: Aussie car part importer Strategic Imports allegedly breached by threat actors New South Wales, other states, investigating Instructure/Canvas data breach Australian Cyber Security Centre warns of ClickFix campaign leveraging Australian infrastructure Queensland Department of Education confirms students & staff impacted by ShinyHunters data breach ACMA takes action against SpinTel & Yomojo over mobile number fraud violations The Industry Speaks, Part 1: World Password Day 2026 Qualys and Converge tie cyber insurance pricing to real-time security posture Fakeout: Iranian APT caught hiding behind Chaos ransomware activity Exclusive: Australian energy management firm allegedly breached by SafePay Real estate giant Cushman & Wakefield confirms cyber incident, Qilin and ShinyHunters claim attack CrowdStrike expands Project QuiltWorks as more partners join AI security coalition Hacked: ALS discloses cyber incident, unauthorised access to IT systems Microsoft the main target of AI phishing attacks, report uncovers Attackers increasingly turning to trusted security tools to compromise Aussie victims Exclusive: Champion Homes confirms customer data compromised in “cyber event” Australia, Japan commit to partnership to meet cyber security challenges & strengthen cyber defences NSW Treasury cyber incident contained, impact no longer ‘significant’ WA rental scam surge: Tenants targeted with fake $500 discount trap Aussie Information Commissioner launches Privacy Awareness Week 2026 Unregistered branded text messages to be labelled ‘Unverified’ from 1 July Exclusive: Major Australian jewellery brand confirms cyber incident Watch this! Komari server monitor tool abused by hackers Act Now! ACSC warns of active exploitation of cPanel & WHM critical vulnerability Exclusive: Kiwi electrical contractor confirms cyber attack Exclusive: Prime Properties listed as breach victim by M3rx ransomware DigiCert launches AI Trust architecture to secure agents, models, and content Winners of the 2026 Australian Cyber Awards unveiled Op-Ed: Redefining performance in the AI-powered SOC NZ council cyber attack leads to ID and financial data being exposed Alert! Wave of fake toll, parking scams impacting countries worldwide, including Australia and New Zealand Vect unveiled: Inside an emerging ransomware group’s affiliate network Exclusive: Gelatissimo confirms unauthorised access, investigates DragonForce hack claims Aussie ice-cream franchise Gelatissimo suffers alleged hack by DragonForce Anthropic Mythos: The model, the myth and the mundane​ Report: Aussie small businesses doing it tough as job scams double, losses rise Cyber attacks on medical devices pose ‘significant’ impact on real-life patient care Twisted Firestarter! Aussie, US, and UK cyber agencies warn of Cisco malware campaign Generation Life informs customers of “cyber incident” as owner shares incident with ASX CBA launches new scam-finding AI agent Sri Lankan government hack sees $3.7m destined for Australia stolen CrowdStrike extends cloud threat detection to Google Cloud Hey big spender! Microsoft to invest $25bn in Australian AI infrastructure Genetec marks Sydney milestone with visit by high commissioner of Canada to Australia Rental platform under fire for collecting excessive personal data Exclusive: SA genealogical research firm confirms cyber incident following SafePay ransom claims PentenAmio announces acquisition of Armour Communications Exclusive: Aussie passports compromised in alleged Favelle Favco data breach Cutting edge: Anthropic’s Claude Mythos preview is a ‘double-edged sword’, expert says Treasury staffer charged for NSW government data breach Op-Ed: AI won’t patch the holes in your SOC Game on! More than a third of FIFA World Cup 2026 partners expose Aussies to email fraud risk Dark web markets: A complete Aussie identity costs as little as $200 Exclusive: NSW-based Strata Republic allegedly breached by Kairos ransomware group Mortgage fraud now harder to detect thanks to AI McGraw Hill confirms ShinyHunters breach, won’t confirm if any Aussie customers impacted Update now: Active exploitation of Nginx UI vulnerability CVE-2026-33032 underway National Defence Strategy 2026: Spending on military cyber capability to reach at least $15bn Exclusive: Qld pharmacy chain allegedly breached by Kairos ransomware Op-Ed: ASIO has broken its silence on cyber crime, and you should listen Too-hard basket: NIST to scale back CVE updates as vulnerabilities soar OpenAI launches GPT 5.4-Cyber in response to Anthropic Glasswing NZ racehorse auction stalled by cyber attack Op-Ed: Microsoft April Patch Tuesday reveals 167 vulnerabilities ADF joins international military exercise focused on cyber resilience and multi-domain operations OpenAI CEO’s home targeted in attempted drive-by just days after Molotov attack Exclusive: Aussie communications company Mastercom ‘aware’ of INC Ransom claims Booking.com confirms cyber incident, customer reservation data potentially compromised Report: Majority of CISOs not ready for the next big cyber attack Why Anthropic’s Project Glasswing matters, and what CISOs need to know WASTED! GTA developer Rockstar Games confirms hack as ShinyHunters demands ‘pay or leak’ Exclusive: Gunra ransomware lists Eric Davis Dental as breach victim Op-Ed: Why zero trust for OT should start at the boundary, not the boiler room Exclusive: NSW pharmacy management firm allegedly breached by INC Ransom US Treasury launches intelligence-sharing initiative with crypto companies Citigroup says AI speeds up new account openings Cyber war: Pro-Iranian hackers vow to fight on despite a fragile ceasefire with the US Exclusive: Victorian resort hotel allegedly breached by Space Bears ransomware Game on! Nationwide student competition aims to tackle Australia’s cyber skills gap Exclusive: Anubis ransomware gang claims hack of WA-based Shine Aviation Ransomware group claims hack of legal giant Jones Day Anthropic, partners announce Project Glasswing cyber security initiative Exclusive: Aussie tech firm Seeing Machines confirms potential cyber security incident Space Bears claims cyber attack on Sydney dental clinic
Aussie schools breach: Instructure boss “reaches agreement” with ShinyHunters to not release data
2026-05-12 · via Security

Education platform provider Instructure has been making news for all the wrong reasons over the last seven or so days, following a comprehensive breach of its Canvas platform by the ShinyHunters cyber extortion group.

Millions of students and educators have had their personal details compromised, and the Canvas platform itself – a popular cloud-based education portal used by schools around the world and across Australia – was taken offline for close to a week.

But while the hackers continued to apply pressure on Instructure and the many schools caught up in the breach, those schools themselves have been asking questions of the company’s response.

Now, the Instructure CEO, Steve Daly, has said he is aware of customer concerns and said his company has reached a compromise with the hackers.

“We know that concerns about the potential publication of data related to this incident remain top of mind for many customers. We understand how unsettling situations like this can be, and protecting our community remains our top priority,” Daly said in a May 11 statement.

“With that responsibility in mind, Instructure reached an agreement with the unauthorised actor involved in this incident.”

To that end, Daly said all stolen data had been returned, and the hackers have confirmed that the stolen data has effectively been “shredded” on their end.

“We have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise,” Daly said.

“This agreement covers all impacted Instructure customers, and there is no need for individual customers to attempt to engage with the unauthorised actor.”

Daly did not mention if a ransom had been paid to ShinyHunters, but added that “complete certainty” in such dealings is impossible. He believes, however, that it was essential to “take every step within our control to give customers additional peace of mind, to the extent possible”.

“We continue to work with expert vendors to support our forensic analysis, further harden our environment, and conduct a comprehensive review of the data involved,” Daly said.

“We will continue to provide updates as that work progresses.”

Mea culpa

At the same time, Daly also delivered an apology to Instructure customers over their communications protocols during the incident while outlining some further details of how its systems were compromised.

“I'll start where I should: with an apology,” Daly said.

“Over the past few days, many of you dealt with real disruption. Stress on your teams. Missed moments in the classroom. Questions you couldn't get answered. You deserved more consistent communication from us, and we didn't deliver it. I'm sorry for that.”

Daly said that Instructure has ascertained that data such as “usernames, email addresses, course names, enrollment information and messages” were impacted by ShinyHunters’ intrusion, but “core learning” data, such as submissions and credentials, remained secure.

“We also identified a vulnerability regarding support tickets in our Free for Teacher environment that was exploited. We temporarily disabled Free for Teacher while we complete a full security review,” Daly said.

“We know that's disruptive, and we didn't make that call lightly. But keeping the entire Canvas platform secure has to come first.”

Daly admitted, however, that while the company’s first instinct was to ascertain the facts of the case before speaking publicly, the balance of reporting was.

“We focused on fact-finding and went quiet when you needed consistent updates. You've been clear about that, and it's fair feedback. We will change that moving forward,” Daly said.

To that end, Daly has committed to launching a dedicated Incident Update page on its website and to releasing further updates within 48 hours, and eventually a summary of the forensic report on the incident.

“Rebuilding trust takes time,” Daly said.

“We're going to earn it back through consistent action and honest communication. We're in this for you and your community.”

What should schools and students do now?

According to ESET's Chief Security Evangelist, Tony Anscombe, the one thing to watch out for is being targeted by scammers and phishing campaigns.

“If, as reported, the breached data is limited to names, email and school location, the most likely immediate use of the data by cyber criminals will be to create a phishing campaign with a call to action to gather more data from the victims,” Anscombe told Cyber Daily.

“The emails could take the form of a breach notification, request to change password, or to register for identity protection services, all of which, if real, would require additional personal details making the malicious email request contextual.

“A basic rule is do not respond directly to any link in email regarding this topic, go to the university website directly and follow official guidance offered.”

Basic cyber hygiene actions, such as changing passwords, are also recommended.

“Early reports suggest that only minimal data has been compromised, however, as with many data breaches as investigations continue, it may become apparent that additional data has been exfiltrated and it may include more personal data such as date of birth, and possibly even passwords,” Anscombe said.

“As a precaution I recommend that if students or staff have used the same password, or similar, on multiple sites they immediately take action and change the passwords and where possible activate multi-factor authentication.”

As to what schools and other educational institutions can do, the situation requires a more technical – but nonetheless essential – approach.

“Universities and school should follow a recognised cyber security framework to ensure the highest level of security posture is achieved. This will include technologies such as endpoint detection and response, multi-factor authentication, identity access management, vulnerability and patch management and such like,” Anscombe said.

“Third-party data breaches such as this one are, unfortunately, a reality. Universities and schools need to ensure that any provider they contract with that may either have access to school systems or provide student and staff services follow the same strict cybersecurity practices and policies that are in place internally.”

Cyber DailyWant to see more stories from trusted news sources?
Make Cyber Daily a preferred news source on Google.