A stylized illustration of a cylindrical cup with blue arrows and lines indicating a swirling or rotational motion inside the cup.
Briefs
Finance
Free NewsletterPro Login

Instructure Just Paid Off The Hackers Who Breached Canvas Twice

Jackson Moreland
Published May 13, 2026
Share:
Summary:
  • Hackers known as ShinyHunters stole data on 275 million students and staff in an April breach of Canvas.
  • Instructure reached an agreement with the hackers, who claim the data has been destroyed.
  • The FBI and U.S. government urge ransom victims not to pay, but Instructure paid anyway.

The U.S. government tells victims of cyberattacks not to pay hackers. Instructure just did.

The cost was not disclosed, but the playbook looks a lot like one that already failed at another school software company.

The Deal

Instructure makes Canvas, the school portal used by nearly 9,000 schools to manage student data and coursework.

On April 29, the cybercrime group ShinyHunters broke in. The group says it stole information on 275 million students and staff.

Days later, the same hackers broke in again. They defaced school login pages to push Instructure into paying the ransom.

Now Instructure says it has "reached an agreement" with the hackers, who told TechCrunch the stolen data has been deleted. The company would not say how much it paid.

A ShinyHunters representative told TechCrunch: "The data is deleted, gone. The company and it's [sic] customers will not further be targeted or contacted for payment by us."

For a daily read on stories like this, Market Briefs covers the news that matters to your money in five minutes, plus a free investing masterclass when you join.

Why Paying Hackers Often Backfires

The FBI told victims last week to "not send payment or respond" to extortion demands. Security researchers go further, saying hackers often lie about deleting data so they can keep extorting their victims later.

This is not a new playbook. PowerSchool, another school software company, was hit by a similar attack in 2024. That breach exposed data on 70 million students and staff.

PowerSchool paid the hackers to get the data back. Months later, a different cybercrime group started extorting PowerSchool customers using data that was supposed to be deleted.

Instructure said "there is never complete certainty" when dealing with cybercriminals. The company said its customers should not have to deal with the hackers directly.

What to Watch

The data stolen from Instructure includes student names, personal emails, and private messages between teachers and students.

Instructure says the two breaches were "distinct events" involving different systems. The company is still looking into both.

It's also not clear who at Instructure owns cybersecurity. When asked, the company would not say if CEO Steve Daly plans to resign after the back-to-back breaches.

For investors watching ed-tech, the bigger lesson is that paying ransoms doesn't always end the story. PowerSchool's experience shows stolen data can keep coming back, even after a company thinks it has bought peace.

Insurance, lawsuits, and regulators usually arrive next. None of those costs were on the table when Instructure cut its check.

The FBI said last week it was "aware" of the disruption hitting schools across the country. The agency didn't name Canvas, but it told victims not to send payment.

Instructure paid anyway. Whether that decision quiets the story or just buys time is the part the next few months will answer.

If you want the morning read that connects stories like this back to your portfolio, sign up for Market Briefs - it ships every weekday morning and comes with a free 45-minute investing course.

Disclosure

Get Market Briefs delivered to your inbox every morning for free!

No fluff. No noise. No politics. Just finance news you can read in 5 minutes.

Recent News

1 2 3 436

Blogs

May 5, 2026
How to Create Multiple Income Streams: A Beginner's Playbook
By Milena Thomas
  • Most people rely on a single income stream from their job - which is also the most heavily taxed.
  • Multiple income streams come from a mix of cash flow, dividends, side businesses, real estate, and royalties.
  • The fastest path for most beginners is starting with one extra stream - usually dividends or a side hustle - and stacking from there.
Read More
May 5, 2026
The 60/40 Portfolio Explained: A Beginner's Guide
By Nate Gregory
  • A 60/40 portfolio holds 60% in stocks and 40% in bonds (or other fixed income).
  • It's designed to balance growth from stocks with stability from bonds.
  • Your "right" mix depends on age, time horizon, income needs, and how well you sleep when markets drop.
Read More
May 5, 2026
How to Invest in Silver: A Beginner's Guide
By Jackson Moreland
  • Silver is both a precious metal and an industrial metal, used in solar panels, electronics, and medical tech.
  • Investors can buy silver four main ways: physical bars and coins, ETFs, mining stocks, or futures contracts.
  • Most beginners are best served by allocating a small slice of their portfolio to silver - usually between 1% and 3%.
Read More
May 1, 2026
Asset Allocation by Age: The Right Portfolio Mix at Every Stage of Life
By Andre Savage
  • Younger investors should hold mostly stocks because they have decades to recover from crashes and benefit from compounding.
  • Allocations gradually shift toward bonds and stable income as retirement approaches, but stocks remain important even past age 65 to outpace inflation.
  • Annual rebalancing is essential - it forces you to buy low and sell high while keeping your portfolio aligned with your actual life stage.
Read More
April 30, 2026
Stablecoin Explained: Why Some Cryptocurrencies Actually Aren't Volatile
By Jackson Moreland
  • Stablecoins are cryptocurrencies pegged to stable assets like the US dollar, giving crypto-style speed and access without the volatility of Bitcoin or Ethereum.
  • Fiat-backed stablecoins like USDC are the safest option, while algorithmic stablecoins have failed spectacularly and should generally be avoided.
  • Stablecoins fit a portfolio as cash reserves with better yields, a hedge against crypto volatility, and a fast, cheap rail for international transactions.
Read More
April 30, 2026
Buy Now, Pay Later Risks: Why This "Easy" Payment Method Is Dangerous to Your Wealth
By Nate Gregory
  • Buy now, pay later services like Klarna, Affirm, and Sezzle are debt products designed to feel harmless while keeping users in a cycle of overspending.
  • BNPL exploits psychological debt blindness, triggers late fees, and damages credit scores without helping users build positive credit history.
  • Building real wealth means waiting 30 days, paying upfront when you have the cash, and avoiding systems built to extract money from your future income.
Read More
April 30, 2026
Dividend Payout Ratio: The Secret Metric That Shows If a Stock Is Safe or Risky
By Jackson Moreland
  • Dividend payout ratio is total dividends paid divided by net income, showing the percentage of earnings a company returns to shareholders.
  • A 20-50% payout ratio is generally safe and sustainable, while ratios above 75% often signal a dividend cut is coming.
  • High dividend yields can be warning signs, not opportunities - safety and dividend growth matter more than the headline yield number.
Read More
April 30, 2026
Ethereum for Beginners: What It Is and Why Smart Investors Are Paying Attention
By Milena Thomas
  • Ethereum is a blockchain platform that runs smart contracts, while Ether (ETH) is the cryptocurrency that powers the network.
  • Use cases include decentralized finance, NFTs, gaming, supply chain tracking, and digital identity - many still experimental.
  • Most investors should treat Ethereum as a small allocation hedge using dollar-cost averaging, not a get-rich-quick lottery ticket.
Read More
April 30, 2026
Dollar Cost Averaging Strategy: How to Beat Emotion and Build Wealth Steadily
By Nate Gregory
  • Dollar cost averaging means investing the same amount at regular intervals regardless of what the market is doing.
  • The strategy automatically buys more shares when prices are low and fewer when prices are high, lowering your average cost over time.
  • DCA removes emotion, eliminates the need to time the market, and turns volatility into a mathematical advantage for long-term investors.
Read More
April 30, 2026
The BRRRR Strategy: How to Build Real Estate Wealth Without Big Money Down
By Andre Savage
  • BRRRR stands for Buy, Rehab, Rent, Refinance, Repeat - a five-step framework for scaling real estate without saving for big down payments.
  • The strategy works by buying distressed properties below market value, adding value through smart renovations, and pulling out equity through refinancing.
  • Tax advantages like depreciation and mortgage interest deductions make BRRRR a powerful tool for owners willing to manage tenants and contractors.
Read More
1 2 3 20
Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Bluesky
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Copy link
CopyCopied