A key education computer platform used by California State University campuses, UCLA and thousands of schools nationwide was back online Friday following a cyberattack, but access to the system was not immediately restored at some universities.
The cyberattack, allegedly carried out by a hacking group called Shiny Hunters, targeted Instructure, developer of the Canvas education platform used at universities and school systems nationwide. The attack apparently began more than a week ago, but it led to outages of the Canvas system on Thursday.
The attack knocked out access to the system at UCLA and other University of California campuses, and at all campuses in the Long Beach-based California State University system.
Instructure posted a message on its website late Thursday that Canvas “is now available for most users.” It was unclear how the system was restored or whether the company had paid any sort of ransom to the hacking group to prevent a leak of data.
But while the platform was back in operation, some universities opted to wait before restoring student access to the system.
“In alignment with UC guidance, UCLA is performing security assurance, configuration, and integrity checks before re-enabling access,” the UCLA Office of the Chief Information Security Officer stated in an online update Friday morning. “An announcement on platform restoration will be shared when a decision has been made.”
As of early Friday afternoon, Canvas was being slowly restored at CSU campuses statewide.
“CSU has been actively working closely with state partners and security teams to ensure all recommended security protocols and validations are fully completed before restoring access to Canvas, which we anticipate will be no later than early (Friday) afternoon,” according to the university’s website.
“Note that this is a global issue driven by actors that targeted Instructure’s data system, the company which develops and hosts Canvas for thousands of educational institutions. The CSU is carefully balancing the risks involved with reactivating our Canvas instances with those of not having the resources available for finals and will restore access as soon as is reasonable. Campus teams are proactively backing up critical grade data and securing the environments to the extent possible before taking the step of reopening the instances for broader campus use.”
The hack came as many students were using the Canvas system to take final exams. Some users reported that a message appeared on their computer screens from Shiny Hunters, which claimed to have captured the data of hundreds of millions of users which would be released if affected institutions did not arrange a “settlement” with the hacking group.