Hackers Hold UChicago’s Canvas Page and Students’ Data for Ransom

On May 7, 2026, the criminal extortion group “ShinyHunters” announced its breach of Instructor, the parent company of Canvas, a widespread online learning platform used at the University of Chicago and 9,000 other institutions. When students attempted to log onto Canvas, where they would otherwise submit homework assignments, quizzes, or view course instructions, the following message appeared:  

The group threatened to release the data of all users, including UChicago students, if a ransom payment was not made by May 12th, end of day. They included a document detailing all institutions that would have their Canvas data exposed, which by name listed the University of Chicago. According to The Chronicle at Duke University, “Instructure also reported it ‘found no indication’ that passwords, dates of birth, government identifiers or financial information were compromised.”  

ShinyHunters, created in 2019, has previously claimed to have breached 1.3 terabytes of customer data on the venue ticket platform Ticketmaster. The University of Chicago has been asked for comment on this matter.