Hackers deface school login pages after claiming another Instructure hack

The first StrictlyVC of 2026 hits SF on April 30. Tickets are going fast. Register now. Buy one Disrupt pass, and get the second at 50% off. Ends May 8. Register now. TechCrunch Desktop Logo TechCrunch Mobile Logo LatestStartupsVentureAppleSecurityAIApps EventsPodcastsNewsletters SearchSubmit Site Search Toggle Mega Menu Toggle Topics Latest Hackers deface school login pages after claiming another Instructure hack Lorenzo Franceschi-Bicchierai Zack Whittaker 1:59 PM PDT · May 7, 2026 On Tuesday, education tech giant Instructure disclosed a data breach where hackers stole students’ private information, including their names, personal email addresses, and messages sent between teachers and students.  Now, it appears hackers were able to compromise Instructure again — this time defacing several schools’ login pages to the company’s platform Canvas, which allows schools to manage coursework and assignments and communicate with students.  TechCrunch saw a message published by the cybercrime group ShinyHunters on the Canvas login pages of three separate schools. A review of the defaced portals shows that the hackers injected an HTML file that altered the login screens to display their message. The message says the hackers will publish the stolen data on May 12 if the company does not “negotiate a settlement.” At the time of writing, Instructure’s website appeared to be partially online, at times returning a “too many requests” error. The company’s Canvas portal displayed a notice saying it was “currently undergoing scheduled maintenance.” Instructure did not immediately respond to TechCrunch’s request for comment. ShinyHunters had previously claimed responsibility for the original hack, publicizing it on its leak site — a website hackers use to publish stolen data and pressure victims into paying ransoms — in an effort to extort Instructure into paying to keep the data from going public. This apparent new hack, along with the fact that hackers chose to notify TechCrunch about the defaced login pages, indicate that the hackers are trying to ramp up pressure on Instructure and its customers, hoping to force them to cave to the hackers’ demands.   It’s unclear how the hackers were able to compromise the login pages. When asked, a member of ShinyHunters told TechCrunch that they couldn’t comment on specifics, but said this is a second, separate breach. Following the original breach at Instructure, the hackers claimed to have stolen data from almost 9,000 schools around the world, with the stolen files allegedly containing information on 231 million people.  The group has compromised countless victims over the last couple of years, following the same financially motivated playbook: hack, publicize, and extort.  When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence. Lorenzo Franceschi-Bicchierai Senior Reporter, Cybersecurity Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy. You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram. Zack Whittaker Security Editor Zack Whittaker is the security editor at TechCrunch. He also authors the weekly cybersecurity newsletter, this week in security. He can be reached via encrypted message at zackwhittaker.1337 on Signal. You can also contact him by email, or to verify outreach, at zack.whittaker@techcrunch.com. May 27 Athens, Greece StrictlyVC Athens is up next. Hear unfiltered insights straight from Europe’s tech leaders and connect with the people shaping what’s ahead. Lock in your spot before it’s gone. Most Popular Hackers steal students’ data during breach at education tech giant Instructure Lorenzo Franceschi-Bicchierai As workers worry about AI, Nvidia’s Jensen Huang says AI is ‘creating an enormous number of jobs’ Lucas Ropek Anthropic and OpenAI are both launching joint ventures for enterprise AI services Russell Brandom Ouster’s new color lidar is coming to replace cameras Sean O'Kane We’ll take it: A TikToker rallies pledges to buy Spirit Airlines after its abrupt weekend collapse Connie Loizos This tiny, magnetic e-reader could stop you from doomscrolling Amanda Silberling Uber wants to turn its millions of drivers into a sensor grid for self-driving companies Connie Loizos X LinkedIn Facebook Instagram youTube Mastodon Threads Bluesky TechCrunchStaffContact UsAdvertiseCrunchboard JobsSite Map Terms of ServicePrivacy PolicyRSS Terms of UseCode of Conduct AnthropicSAPSamsungMarc LoreTechCrunch DisruptTech LayoffsChatGPT © 2026 TechCrunch Media LLC.