[Cybersecurity Attack Warning] Canvas supplier Instructure compromised by hacker group ShinyHunters

 
2026/5/12 ~ 2026/11/12
View Count:24

[Content Description]
Recently, several overseas schools have reported that attackers have been targeting the Canvas online teaching platform with account theft and phishing attacks. These attacks may involve forged login pages, fake course notification emails, or third-party plugins to trick users into entering their account passwords.

[Affected Platforms]
All Canvas products

[Recommended Measures]
To prevent account theft and data leakage, please be vigilant and implement the following security measures:

1. Verify the login URL: Please log in to Canvas through the official school portal or bookmarks. Avoid clicking on links in emails from unknown sources.

2. Do not enter your account password on suspicious pages: If a page displays abnormal login requests, re-verification, or MFA verification notifications, please verify the URL is correct.

3. Enable Multi-Factor Authentication (MFA): Users who already support MFA are advised to enable it as soon as possible to reduce the risk of account theft.

4. Pay attention to abnormal notifications: Please be aware of any unauthorized login records, receiving abnormal verification code notifications, receiving unclear announcements or messages for courses, or your account automatically sending abnormal emails. If you discover any of the above situations, please change your password immediately and notify the IT department.

5. Avoid reusing passwords and change your password frequently: Do not share your Canvas password with other websites or systems, and it is recommended to change your password regularly to improve account security. If you discover that your account has been stolen or your data has been leaked, please report it in accordance with the regulations of the Information and Communication Security Incident Reporting, Response, and Drill Procedures.

6. The progress of this incident handling is as announced on the official website: https://www.instructure.com/incident_update

[References]
1. https://www.instructure.com/incident_update
2. https://data.dailycal.org/2026-05-07-shiny-hunters
3. https://www.informationsecurity.com.tw/article/article_detail.aspx?aid=12906
4. https://www.ithome.com.tw/news/175580

Files
None
【Back】
Top↑