Sign up to save your podcasts
Or
Share Canvas Breach: Lessons in Cybersecurity
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Canvas Breach: Lessons in Cybersecurity
The Lighthouse IT Podcast - May 29th, 2026
What Happens When 275 Million Users Depend on One Platform?
In this episode of the Lighthouse IT Solutions podcast, Matt and Griffin discuss the April Canvas (Instructure) breach claimed by ShinyHunters, involving about 3.65 TB of exfiltrated data affecting roughly 275 million users across about 9,000 institutions, including names, emails, student IDs, and private messages. They recap a timeline of detection, public disclosure, a second disruption during finals week with a ransom note replacing the login page, and reports of a ransom agreement around May 11, followed by fallout, including a class action lawsuit and a Homeland Security investigation. This emphasizes the risks of vendor concentration, the need for incident-response planning, third-party risk management, backups, MFA, segmentation, and encryption at rest, and we advise impacted users to change passwords, enable MFA, and watch for targeted phishing using stolen context.
Don't miss out on our discussions and more!
https://hub.lighthousesol.com/blog/lighthouse-podcast-2/canvas-breach-lessons-in-cybersecurity-466
01:28 What Canvas Is
02:07 Breach Scale And Data
03:08 ShinyHunters Background
04:49 Extortion And Finals Week
07:11 Timeline And Ransom Payment
10:30 Repeat Attacks And Security
13:03 Private Messages Fallout
15:29 Will Hackers Delete Data
17:43 What Was Not Compromised
18:37 How They Got In
19:20 Canvas Accountability Gap
19:37 Paying ShinyHunters
21:54 Vendor Concentration Risk
26:12 Transparency And PR
27:00 Patch Or Negotiate
29:42 Third Party Risk
30:45 Backups And Encryption
34:07 If You Were Affected
35:54 Wrap Up And Where To Watch
View all episodes
By Lighthouse IT SolutionsThe Lighthouse IT Podcast - May 29th, 2026
What Happens When 275 Million Users Depend on One Platform?
In this episode of the Lighthouse IT Solutions podcast, Matt and Griffin discuss the April Canvas (Instructure) breach claimed by ShinyHunters, involving about 3.65 TB of exfiltrated data affecting roughly 275 million users across about 9,000 institutions, including names, emails, student IDs, and private messages. They recap a timeline of detection, public disclosure, a second disruption during finals week with a ransom note replacing the login page, and reports of a ransom agreement around May 11, followed by fallout, including a class action lawsuit and a Homeland Security investigation. This emphasizes the risks of vendor concentration, the need for incident-response planning, third-party risk management, backups, MFA, segmentation, and encryption at rest, and we advise impacted users to change passwords, enable MFA, and watch for targeted phishing using stolen context.
Don't miss out on our discussions and more!
https://hub.lighthousesol.com/blog/lighthouse-podcast-2/canvas-breach-lessons-in-cybersecurity-466
01:28 What Canvas Is
02:07 Breach Scale And Data
03:08 ShinyHunters Background
04:49 Extortion And Finals Week
07:11 Timeline And Ransom Payment
10:30 Repeat Attacks And Security
13:03 Private Messages Fallout
15:29 Will Hackers Delete Data
17:43 What Was Not Compromised
18:37 How They Got In
19:20 Canvas Accountability Gap
19:37 Paying ShinyHunters
21:54 Vendor Concentration Risk
26:12 Transparency And PR
27:00 Patch Or Negotiate
29:42 Third Party Risk
30:45 Backups And Encryption
34:07 If You Were Affected
35:54 Wrap Up And Where To Watch