The Canvas Breach

275 million users across 9,000 institutions. The #shinyhunters breach of Instructure – the company behind the widely used Canvas LMS – has allegedly exposed 3.6TB of data, making it one of the largest education-sector breaches in history. On this episode of State of Cybercrime, Matt and David draw on their continued coverage of ShinyHunters to break down the scope of this disruptive attack, how the group gained access, and connect the dots to its prior breach of Instructure in September 2025. They’ll examine how these incidents are linked and what they reveal about vendor accountability and the hidden exposure organizations inherit through third-party platforms.