Several major universities in Ontario, including the University of Toronto and OCAD University, were affected by a large cybersecurity breach involving the Canvas online learning platform. The incident created concern among students, teachers, and school administrators after hackers reportedly gained unauthorized access to parts of the system used by thousands of educational institutions around the world. The cyberattack is now being investigated by technology company Instructure, the U.S.-based operator of Canvas.
Canvas is one of the most widely used online learning systems in higher education. Universities use the platform to manage coursework, assignments, grades, exams, and communication between students and faculty members. According to officials, the company detected suspicious activity on April 29 and immediately started an investigation into the breach. The company later confirmed that some user information may have been exposed during the incident.
The information possibly accessed by hackers includes names, email addresses, student identification numbers, and messages exchanged through the platform. However, Instructure said there is currently no evidence that passwords, banking details, government identification, or financial information were stolen in the attack. Even so, universities across Canada took precautionary steps by temporarily shutting down or limiting access to Canvas systems while security teams reviewed the situation.
The University of Toronto confirmed that its Quercus platform, which operates through Canvas, was temporarily taken offline as a safety measure. OCAD University also released a public notice stating that the issue was connected to Instructure’s systems and not to the university’s own internal network. OCAD later restored access to Canvas after receiving updates from the company and said there was no impact on current operations or ongoing university events.
Reports linked the attack to the hacking group known as ShinyHunters, a cybercriminal organization previously connected to several international data breaches. The group claimed responsibility for stealing millions of records connected to schools, colleges, teachers, and students worldwide. Some reports suggested the hackers threatened to release stolen data publicly if their demands were not met.
The cyberattack affected institutions far beyond Ontario. Universities and colleges in British Columbia, Alberta, the United States, Australia, Europe, and other regions also reported disruptions connected to Canvas. Some schools temporarily paused online exams, assignments, and student services while IT departments worked to secure systems and protect users from possible phishing attempts or suspicious emails linked to the breach.
Cybersecurity experts say the incident highlights the growing risks facing educational institutions as more learning systems move online. Millions of students and educators depend on digital platforms every day, making them attractive targets for hackers searching for personal information and institutional data. Authorities and privacy officials are now closely monitoring the situation as investigations continue into the full scale of the breach.
Universities affected by the breach have advised students and staff to remain alert for suspicious emails, fake login pages, or unexpected requests for passwords and personal details. Officials also recommended changing passwords and enabling additional account security measures as a precaution. Instructure said it is continuing to work with cybersecurity experts and law enforcement agencies while reviewing the impact of the attack globally.
Iran mocked U.S. pressure as military clashes near the Strait of Hormuz continued while Washington w
Google has decided to settle a discrimination lawsuit by Black employees, responding to accusations
Scientists say satellites captured one of the largest tsunamis ever recorded after a huge mountain c
The UAE's Humaid Air Bridge has successfully transported 600 tonnes of aid to Gaza, providing essent
