Hackers deface school login pages after claiming another Instructure hack

On Tuesday, education tech giant Instructure disclosed a data breach where hackers stole students’ private information, including their names, personal email addresses, and messages sent between teachers and students. Now, it appears hackers were able to compromise Instructure again — this time defacing several schools’ login pages to the company’s platform Canvas, which allows schools to manage coursework and assignments and communicate with students. TechCrunch saw a message published by the cybercrime group ShinyHunters on the Canvas login pages of three separate schools. A review of the defaced portals shows that the hackers injected an HTML file that altered the login screens to display their message. The message says the hackers will publish the stolen data on May 12 if the company does not “negotiate a settlement.” At the time of writing, Instructure’s website appeared to be partially online, at times returning a “too many requests” error. The company’s Canvas portal displayed a notice saying it was “currently undergoing scheduled maintenance.” Instructure did not immediately respond to TechCrunch’s request for comment. ShinyHunters had previously claimed responsibility for the original hack, publicizing it on its leak site — a website hackers use to publish stolen data and pressure victims into paying ransoms — in an effort to extort Instructure into paying to keep the data from going public. …