Did you receive a Canvas data breach notice? Do you want to know what happened and how it might impact you? We have all of those answers and more. Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for May 15, 2026. I'm Alex Achten, Vice President of Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast.
Each week, we review the latest events and trends in data security and privacy. Today, we will take a look at a data breach dominating the headlines: the Canvas data breach.
Each week, we review the latest events and trends in data security and privacy. Today, we will take a look at a data breach dominating the headlines: the Canvas data breach.
Show Notes
Follow on LinkedIn: linkedin.com/company/idtheftcenter/
Follow on Instagram: instagram.com/idtheftcenter/
Follow on Facebook: facebook.com/IDTheftResourceCenter/
Follow on X: twitter.com/IDTheftCenter
Follow on TikTok: www.tiktok.com/@idtheftcenter_
Follow on YouTube: www.youtube.com/@IDTheftCenter
Show Transcript
Did you receive a Canvas data breach notice? Do you want to know what happened and how it might impact you? We have all of those answers and more. Welcome to the Identity Theft Resource Center's (ITRC’s) Weekly Breach Breakdown for May 15, 2026. I'm Alex Achten, Vice President of Media Relations for the ITRC. Thanks to Sentilink for supporting the ITRC and this podcast. Each week, we review the latest events and trends in data security and privacy. Today, we will take a look at a data breach dominating the headlines: the Canvas data breach.
A quick note before we get into the details: All of the information in this podcast is as of Wednesday, May 13. Information may change as new details emerge. We will update the podcast transcript for this episode if needed. We will also provide the latest details in our monthly newsletter, In the Loop, and our half-year data breach report. Now, let’s start by looking at what happened.
According to Bitdefender, Instructure, the company behind the Canvas learning management system, confirmed a data breach after the ShinyHunters cybercrime group claimed responsibility for stealing data linked to hundreds of millions of users. Schools, universities and other organizations use Canvas to manage coursework, communication and student records, making it an attractive target for attackers.
ShinyHunters listed Instructure on its leak site, claiming it had stolen data from the company’s systems. Some reports claim that the Canvas data breach could affect up to 275 million individuals across nearly 9,000 schools worldwide. Information exposed includes names, email addresses, student ID numbers and messages between users.
Instructure says that while their investigation continues, they believe the incident has been contained. They add that, for now, there is no evidence that highly sensitive information such as passwords, financial details or government identifiers has been compromised.
TechCrunch reports that Instructure reached an agreement with ShinyHunters and claimed that the cybercrime group provided evidence that it had deleted all the stolen data. A representative for ShinyHunters told TechCrunch that they would not continue to extort the company or its customers, but declined to say how much the company had paid as ransom.
The ITRC will monitor this situation closely and track all data breach notices. People can visit www.idtheftcenter.org/breach-alert or call or text us at 888.400.5530 for more information as it becomes available.
For anyone unsure whether their institution has issued a Canvas data breach notice, check whether you have received one. If you have or do in the future, react, don’t panic. Be mindful of suspicious messages. Exposed email addresses can be used in targeted scams. Be cautious about any unexpected messages. If they ask you to click on links or download files, don’t do it.
While it does not appear passwords were compromised in the Canvas data breach, update any passwords on the platform and any other accounts that use the same password out of an abundance of caution. The ITRC recommends you adopt a passkey if possible. If not, use a unique 12+-character passphrase with multifactor authentication for an added layer of security.
Finally, while it also does not appear that Social Security numbers have been compromised, freeze your credit. There is nothing that you can do to protect your identity that will make a bigger impact. To learn more or freeze your credit, visit www.frozenpii.com.
Again, the ITRC will continue to track the Canvas data breach and share details in our monthly newsletter, In the Loop, and our half-year data breach report. You can subscribe to In the Loop by visiting our website, www.idtheftcenter.org, and clicking on “Newsletter” under the “Resources” tab.
If you want to know more about how to protect your business or personal information or think you have been the victim of identity theft, fraud or a scam, you can speak with an expert ITRC advisor on the phone, via text message, chat live on the web, or exchange emails during our normal business hours, Monday through Friday, 6 a.m.-5 p.m. PT. Just visit www.idtheftcenter.org to get started.
Thanks again to Sentilink for their support of the ITRC and this podcast. Please hit the like button for this episode and subscribe wherever you listen to your podcasts. We will return next week with another episode of the Weekly Breach Breakdown. I’m Alex Achten. Until then, thanks for listening.
