soft-shell crab exporterVietnamese mud crab exportVietnam crab exporter
Man charged with attempting to assassinate President Donald Trump at DC press gala pleads not guilty to all charges
Find us on Google 📌 View from the pews Start the day smarter ☀️ Get the USA TODAY app
LOCAL
Colleges & Universities

Canvas back up after ShinyHunters hack forced shutdown

Portrait of Matthew Cupelli Matthew Cupelli
Cincinnati Enquirer
Updated May 8, 2026, 5:42 p.m. ET

This story has been updated with comments from the University of Cincinnati and Cincinnati Public Schools.

Canvas, a cloud-based learning management platform used by thousands of schools and universities, is back up after it was disabled for hours May 7.

Northern Kentucky University, Kent State University were among the colleges across the United States where students couldn't access their class material after a security incident resulted in a widespread outage. The incident disrupted classes, coursework and exams amid spring finals week for many schools.

The hacking group ShinyHunters claimed responsibility for the data breach at Instructure, the parent company and creator of the Canvas learning management system, according to an email sent to students from NKU and multiple news reports.

Here's what we know:

Is Canvas back up?

Screen message on Canvas after system wide shutdown.

"Canvas is fully back online and available for use," Instructure said on its incident update page. Miami University said Canvas access returned, but some students were having difficulty logging in.

What is Canvas?

Canvas is an application that allows students and faculty to virtually upload assignments, grade coursework and complete exams.

Canvas has more than 30 million active users worldwide and over 8,000 institutions as customers, according to USA Today.

What happened with Canvas?

Hackers gained unauthorized access to Canvas by "exploiting an issue related to our Free-For-Teacher accounts," Instructure said. Free-For-Teacher accounts have been temporarily shut down as a result, the company said.

The company first became aware of the hackers' presence on April 29. On May 8, the same actor "made changes to the pages that appeared when some students and teachers were logged in through Canvas," causing Instructure to take Canvas offline to investigate.

A group called ShinyHunters claimed responsibility for the hack, according to USA Today. It said that anyone who did not want their data released should contact the group before May 12.

A screenshot depicting a similar message was shared in the University of Cincinnati subreddit on May 7 with the caption "Anyone else seeing this? I can't do anything on web or mobile."

As of May 8, Instructure said it has found no evidence that "passwords, dates of birth, government identifiers, or financial information" were involved in the data breach. However, it said "names, email addresses, student ID numbers, and messages among Canvas users" were accessed by hackers.

Who are ShinyHunters?

ShinyHunters has a history of compromising global corporations, according to Reuters. In April, the hacking group said it had stolen ​nearly 80 million business records from video game developer Rockstar Games, the ‌maker of Grand Theft Auto.

ShinyHunters said it had accessed data from over 275 million people — including students, teachers, and other staff — across nearly 9,000 schools worldwide, according to USA Today.

Schools respond to Canvas hack

The Cincinnati Public School district uses Canvas, according to spokesperson Joe Wessels. He said Canvas has not notified the district that any of its data has been affected.

Canvas is functional for NKU students and faculty, according to spokesperson Gianna Vitali. She said NKU is working with Instructure to determine if student records were compromised.

"At this time," Vitali said, "we have not been informed by Canvas of the extent of the breach."

Miami University students lost access to Canvas late in the afternoon on May 7, according to a spokesperson. Access was restored by 6:30 a.m., though some users were still having trouble logging into Student ePortfolios.

Miami University did not answer whether it was concerned about student information being leaked.

The University of Cincinnati said just before 1:30 p.m. that Canvas was back online but some related systems were disabled pending individual review. These include Zoom, Kaltura and ExamSoft.

In a statement, UC said none of its other systems were impacted by this hack.

Xavier University did not respond to emails by the time of publication.

Featured Weekly Ad