NKU Canvas LMS Hacked by ShinyHunters
Key Questions
What happened in the NKU Canvas LMS hack?
On May 7, ShinyHunters hacked Northern Kentucky University's Canvas LMS, causing a system outage. The hack compromised certain user data, but the outage has been resolved.
What data was stolen in the Canvas hack?
Stolen data included names, IDs, emails, and messages. No passwords or financial information was affected.
What actions were taken with the stolen data, and are there ongoing issues?
Instructure, Canvas's parent company, struck a deal with the hackers to return the stolen data, which was allegedly deleted from their logs. Fake 2FA scams and trust issues persist for NKU students and families, with the university's response ongoing.
Hack May7 downed Canvas; Instructure deal returned stolen data (names/IDs/emails/messages), allegedly deleted by hackers—no passwords/financials affected. System outage resolved but fake 2FA scams and trust issues persist for Highland Heights students/families; uni response ongoing.