On Tuesday, education technology giant Instructure disclosed a data breach in which hackers stole personal information such as students’ names, personal email addresses, and messages sent and received between teachers and students.
Well, it looks like hackers have managed to compromise Instructural again. This time, they defaced several schools’ login pages for Canvas, the company’s platform that allows schools to manage lessons, assignments, and communicate with students.
TechCrunch has seen messages published by the cybercrime group ShinyHunters on the Canvas login pages of three separate schools. Inspecting the defaced portal reveals that the hacker has inserted an HTML file that modifies the login screen to display a message.
The message states that if the company does not “negotiate a settlement,” the data stolen by the hackers will be released on May 12th.
At the time of this writing, the Instructor website appeared to be partially online, occasionally returning a “Too Many Requests” error. The company’s Canvas portal displayed a notification that said it was “currently undergoing planned maintenance.”
Instructor did not immediately respond to TechCrunch’s request for comment.
ShinyHunters had previously claimed responsibility for the original hack, published it on its leak site (a website used by hackers to publish stolen data and pressure victims to pay ransoms), and attempted to extort payments from Instructure to prevent the release of the data. This apparently new hack, along with the fact that the hackers chose to notify TechCrunch about the defaced login page, indicates that the hackers are looking to increase pressure on the infrastructure and its customers to yield to the hackers’ demands.
It is unclear how the hackers were able to compromise the login page. When asked by TechCrunch, ShinyHunters members said they could not comment on the details, but said this is the second separate breach.
After the initial infrastructure breach, hackers claimed to have stolen data from nearly 9,000 schools around the world, and the stolen files allegedly contained information on 231 million people.
The group has compromised countless victims over the past few years, following the same financially motivated strategy of hacking, publishing, and extortion.
If you buy through links in our articles, we may earn a small commission. This does not affect editorial independence.
Source link
