Canvas shut down worldwide on May 7 after a hack by cybercriminal group ShinyHunters displayed a warning message that student data could be distributed if Instructure, Canvas’ host, did not reach out to them by May 12. The message displayed across campus Canvases around 3 p.m., just hours before University of Wisconsin-Madison’s last day of finals.
UW-Madison provost John Zumbrunnen advised professors who are unable to administer finals or relying on Canvas to host preparatory materials to consider alternative grading options including “basing grades on work completed so far.” He also extended professors’ grading deadlines to 11:59 p.m. May 14 from a previous deadline of May 11 and encouraged students to watch for instructor communication.
In the pop-up message on Canvas, ShinyHunters encouraged affected schools to consult a cyber advisory firm and contact the group directly using instant messaging app Tox, before “everything is leaked” at the end of the day May 12.
“If Canvas prompts you to perform any action — such as clicking a link, logging in, resetting your password, or completing any tasks — do not proceed,” UW-Madison advised on their information technology website…