Instructure May Have Paid Ransom After Canvas Cyber Attack

Instructure, the operator of the Canvas education platform, has reportedly reached an agreement with the hackers behind a recent ransomware attack, which compromised the data of hundreds of millions of students. Following a week of outages, including delayed assignment due dates and defaced login pages, the company announced this development, leading experts to speculate that a ransom may have been paid. According to The Guardian, the hacking group ShinyHunters claimed responsibility for the attack, threatening to leak approximately 3.6TB of sensitive data unless their demands were met.

The stolen data included student ID numbers, email addresses, names, and messages from around 9,000 schools, affecting 275 million students and staff worldwide. Instructure confirmed that the hackers exploited a vulnerability in its Free for Teacher software, which allowed them to deface login pages to inform users of the breach. The company stated that, as part of the agreement, the data was ‘returned’ and that it received confirmation of its destruction through technical reports.

Experts have raised concerns about the implications of paying ransoms. While many governments advise against such payments, the reality is that many organizations choose to pay to protect their users’ privacy. Cybersecurity professionals emphasize the risks involved, noting that paying ransoms does not guarantee that data will remain secure or that the attackers will act in good faith.

Darren Hopkins, a cyber forensics expert, highlighted the precarious position companies find themselves in when dealing with cybercriminals. He pointed out that while there is no complete certainty when engaging with these actors, companies often prioritize taking steps to reassure customers. The decision to pay or not remains a complex dilemma, with potential legal ramifications in some jurisdictions, such as Australia, where paying designated attackers could be a criminal offense.

As organizations improve their cybersecurity measures, the necessity to pay ransoms may decrease. However, the Canvas incident illustrates the ongoing challenge businesses face in navigating the threats posed by ransomware attacks and the difficult choices they must make in response.
