Canvas breach spotlights cybercriminal appetite for student data
nextgov.com
Cyberattacks on widely used third-party services like Canvas can expose sensitive data that hackers can later weaponize. Higher education institutions are often a prime target.
A major cybercrime gang’s hack of Canvas is highlighting how education technology providers have become attractive targets for cybercriminals, whose access to student records, login credentials and other sensitive data can create opportunities for fraud, identity theft, extortion and future intrusions.
ShinyHunters on Thursday claimed responsibility for a hack into Instructure’s Canvas platform that facilitates course materials and class management for thousands of institutions. An extensive document posted by the hackers and obtained by Route Fifty lists some 9,000 customers apparently impacted in the breach, including Georgetown, Harvard and Cornell universities. It’s not clear whether all victims listed were accessed, or what data may have been stolen.
As Instructure worked to restore services, the hackers appeared to launch follow-on attacks, while ...
Copyright of this story solely belongs to nextgov.com . To see the full text click HERE