Data breach and data leak news from educational facilities.
When education software giant Instructure announced on May 1 that its widely used Canvas software was unavailable as it investigated a data security incident, it suggested the breach was mostly contained. That turned out to be overly optimistic. While the firm posted updates on its site as its services returned to service, the ShinyHunters group that attacked them continued to […]
There has been yet another development in the hack-and-leak attack on edtech giant Instructure, which was targeted by the ShinyHunters gang in April. When Instructure didn’t pay the gang’s ransom demands to delete the data, ShinyHunters attacked them again, defacing Canvas login pages with a note from ShinyHunters to schools. CNN reports: An apparent cyberattack shut down an […]
Security Week reports that Instructure is the latest edtech firm to fall prey to hackers. Based in Salt Lake City, Utah, the edtech firm is best known for Canvas, one of the most widely used learning platforms across educational institutions and other organizations. Disclosed on April 30, the cyberattack was blamed for “disruption to tools […]
DEFCROS News reports: Senators Maggie Hassan and Jim Banks are pressing for answers from Navigate360 following a cyberattack that reportedly compromised sensitive student data from school safety tip lines. The incident has raised significant concerns about the security of information intended to protect students and the integrity of the systems designed to facilitate anonymous reporting. […]
Will P3 wind up on a vendors not to be trusted list? DataBreaches.net reports: P3 Global Intel advertises itself as a “fully integrated and state-of-the-art tip acquisition and tip management solution that has quickly become the leading choice of Crime Stoppers Programs, Law Enforcement Agencies, Campus Safety Programs, and Federal Agency Initiatives.” 35,000 U.S. schools use P3 Campus, which […]
The Minnesota Department of Human Services’ vendor breach was not the only recent breach disclosed that affected more than 300,000 people. Monroe University in New York also disclosed a breach involving a lot of sensitive information. From their January 13 notification letter: We are posting this notice to inform our community of a data security […]
TORONTO, ON (November 18, 2025) — Ontario and Alberta information and privacy commissioners have released the findings of their investigations into a massive privacy breach involving PowerSchool education technology (edtech) used by schools in their respective provinces. The incident, which affected millions of Canadians across the country, highlights the importance for educational bodies, including school boards, […]
In 2022, Illuminate Education, Inc. suffered a major data breach. Now three states have announced a settlement with the edtech vendor. From the California Attorney General Rob Bonta’s office:
Bleeping Computer reports: A hacker has taken responsibility for last week’s University of Pennsylvania “We got hacked” email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents. On Friday, University of Pennsylvania alumni and students began receiving multiple offensive emails from Penn.edu addresses claiming the university […]
Bleeping Computer reports: Harvard University is investigating a data breach after the Clop ransomware gang listed the school on its data leak site, saying the alleged breach was likely caused by a recently disclosed zero-day vulnerability in Oracle’s E-Business Suite servers. “Harvard is aware of reports that data associated with the University has been obtained […]
