Technology

Harvard Canvas Site Inaccessible Following Instructure Data Breach

Harvard University's Canvas platform went offline after a cyberattack on Instructure, affecting multiple institutions.

Bluxle Editorial Updated May 8, 2026 2 min read AI-Researched
A hand holding a credit card in front of a laptop screen with Matrix-style data on it — Image credit: Canvas maker Instructure reveals data breach - confirms user personal information leaked / https://www.techradar.com/author/sead-fadilpai
A hand holding a credit card in front of a laptop screen with Matrix-style data on it — Image credit: Canvas maker Instructure reveals data breach - confirms user personal information leaked / https://www.techradar.com/author/sead-fadilpai
Article Bias Score Neutral
◀ Left Right ▶

Harvard University’s Canvas site became inaccessible on May 7, 2026, following a cybersecurity incident involving Instructure, the company behind the Canvas Learning Management System (LMS). The breach, claimed by the hacking group ShinyHunters, affected user identifying information from nearly 9,000 schools and approximately 275 million users [1][2].

Instructure confirmed the breach, stating that names, email addresses, student ID numbers, and private messages were compromised. However, there is no evidence that passwords, dates of birth, government identifiers, or financial information were accessed [1].

On the afternoon of May 7, Canvas login pages at multiple institutions, including Harvard, were defaced with a message from ShinyHunters. The group demanded a ransom and threatened to leak data by May 12 if their demands were not met [3].

Image credit: Harvard Canvas Site Goes Down After University Listed in Instructure Breach | News | The Harvard Crimson
Image credit: Harvard Canvas Site Goes Down After University Listed in Instructure Breach | News | The Harvard Crimson | Credit: Harvard Canvas Site Goes Down After University Listed in Instructure Breach | News | The Harvard Crimson

Harvard’s Canvas site initially redirected users to the message from ShinyHunters. By approximately 4:20 p.m., the site displayed a “scheduled maintenance” notice, and by 4:30 p.m., both the web and mobile platforms were inaccessible [3].

Tim Bailey, a spokesperson for Harvard University Information Technology (HUIT), confirmed that the platform was unavailable due to a cyber incident and stated that HUIT was actively investigating the situation [3].

What Is Known

The breach affected a significant number of users and institutions, with ShinyHunters claiming responsibility. Instructure has acknowledged the incident and is working to address the security concerns [1][2].

What Remains Unclear

The specific data tied to Harvard affiliates that may have been compromised is not yet clear. Additionally, ShinyHunters’ claim that Instructure’s Salesforce instance was breached has not been confirmed by the company [3][2].

AI-Generated Content Disclosure

This article was generated by Bluxle's AI system based on research from multiple news sources. All facts are sourced and cited below. The AI is designed to be neutral and fact-based with no editorial opinion.

Editorially reviewed by R McLennan

Sources & Citations

Source Bias Score Neutral
◀ Left Right ▶

Weighted by citation frequency — sources cited more often carry greater influence.

Research Basis

Outlets in bold were actively consulted during research for this article. Others are in our standard monitoring pool.