On Tuesday, education tech company Instructure revealed a data breach where hackers accessed students’ personal information, such as names, email addresses, and messages between teachers and students.
Hackers have seemingly compromised Instructure again by defacing the login pages for several schools on Canvas, the platform that manages coursework and student communication.
TechCrunch noted a message on the login pages from the cybercrime group ShinyHunters, indicating that an HTML file was injected to alter the screens and display their message.
The message demands that the company negotiate a settlement by May 12 to prevent the stolen data from being published.
At this time, Instructure’s website is partly online, occasionally showing a “too many requests” error, with a notice on Canvas stating “scheduled maintenance.”
Instructure has not responded to TechCrunch’s request for comments.
ShinyHunters, responsible for the initial hack, had made it public on a leak site, aiming to pressure Instructure into a settlement. This new incident suggests an increased effort by hackers to push Instructure and its customers into meeting their demands.
The method used to compromise login pages is unclear, though a ShinyHunters member stated it was a separate breach from the original.
Following the first breach, hackers claimed to have data from nearly 9,000 global schools, involving information on 231 million people.
ShinyHunters has targeted numerous victims in recent years using a strategy of hacking, publicizing, and extortion.