Instructure Data Breach Exposes Student Names, Emails and ID Numbers

Education data breach illustration
Breach Discovery: 30th April 2026Breach Notification: 1st May 2026

What Happened in the Instructure Data Breach?

Instructure Inc., the education technology company behind the widely used Canvas learning management system, confirmed a cybersecurity incident in the spring of 2026. Canvas serves thousands of K-12 schools, colleges, universities, businesses and government agencies in more than 100 countries. As a result, any disruption or breach involving Instructure has the potential to reach a massive number of users worldwide.

The first public sign of trouble came on April 30, 2026, when Instructure’s status page reported that some customers were experiencing limited disruption to tools relying on API keys. The company said its team was actively investigating the issue. In addition, Instructure noted it had taken precautionary steps to help maintain service stability while it looked into the problem.

The following day, on May 1, 2026, Instructure’s Chief Information Security Officer, Steve Proud, sent a notification to customers. This notice confirmed that the company had recently experienced a cybersecurity incident caused by a criminal threat actor. Instructure then began working with outside forensics experts to investigate the incident and limit its impact.

On May 2, 2026, a hacking group known as ShinyHunters posted a claim on a dark web forum operating on the Tor network. The group alleged it had stolen 3.65 terabytes of data from Instructure’s systems. That same day, Instructure issued an update stating it believed the incident had been contained, though the investigation continued.

Who was affected?

The Instructure data breach potentially affects students, faculty and staff at institutions that use Canvas. Because Canvas is deployed by thousands of schools and universities, the population of affected individuals could span a wide range of ages, including minors enrolled in K-12 programs. However, Instructure has not disclosed a specific total number of individuals impacted.

The University of Massachusetts Amherst, one of many institutions relying on Canvas, described the incident as a


More Information

Official Notice from Instructure

Official Notice from Instructure

Official Notice from Umass

Related Data Breaches