In the latest cybersecurity news, Instructure Holdings, Inc. (Canva LMS, instructure.com) — a company operating in the US — has fallen victim to a ransomware attack conducted by the group shinyhunters. This data breach, discovered on 2026-05-03T09:00:08.806602+00:00, underscores the increasing need for proactive cybersecurity defenses as we continue through 2025.
In response to increasing cyber threats, it’s critical to protect your organization with proactive security measures. HookPhish provides enterprise-grade solutions designed to reduce your risk of future attacks:
- Phishing Simulation – Test and improve employee readiness with realistic, controlled phishing campaigns.
- Cybersecurity Awareness Training – Educate your team to recognize and respond to common attack tactics.
- Data Breach Monitoring – Get real-time alerts if your organization’s data appears in public or dark web breaches.
- Phishing Detection and Response – Detect, investigate, and neutralize phishing threats before they cause damage.
Protect your organization before it becomes the next headline. Explore HookPhish.
Incident Report
| Attribute | Information |
|---|---|
| Target Organization | Instructure Holdings, Inc. (Canva LMS, instructure.com) |
| Threat Group | shinyhunters |
| Summary | Nearly 9,000 schools worldwide affected. 275 million individuals data ranging from students, teachers, and other staff containing PII. Several billions of private messages among students and teachers and students and other students involved, containing personal conversations and other PII. Your Salesforce instance was also breached and a lot more other data is involved. Pay or Leak. This is a final warning to reach out by 6 May 2026 before we leak along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline. | Size: 3.65TB+ (uncompressed) | Updated: 3 May 2026 | Warning: FINAL WARNING PAY OR LEAK |
| Date of Breach | 2026-05-03T09:00:07.344764+00:00 |
| Discovery Date | 2026-05-03T09:00:08.806602+00:00 |
| Region | US |
| Target Domain | None |
| Business Sector | Education |
Don’t wait for a breach to take action — stay informed and take control of your cybersecurity posture today.
You can also check if your organization’s data has been exposed using our free Data Breach Checker.
Disclaimer: HookPhish does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.
