Dutch universities disconnect Canvas after hackers claim continued access

All seven Dutch universities using the Canvas education platform disconnected the system after the hacker group ShinyHunters claimed it still had access to systems operated by Canvas supplier Instructure.

Universities of the Netherlands said the decision followed the appearance of a ShinyHunters message inside Canvas environments at multiple universities on the evening of May 7. In the message, the group said it still had access to Instructure’s systems.

The precautionary measure was taken in close coordination with SURF, the Dutch education and research IT cooperative. As a result, students and staff cannot currently access Canvas.

Universities warned that users with active sessions may still be logged in and requested that all users close Canvas and avoid using the platform until further notice.

Universities in the Netherlands said Canvas will not return to regular operations until they receive “additional insights and more clarity” from Instructure on security and the measures already taken.

Teaching is continuing “as much as possible,” although disruptions are expected and vary by university and degree program, the organization said. Universities are informing their own students and employees about the specific issues and available solutions.

The affected institutions are Universiteit van Amsterdam, Vrije Universiteit Amsterdam, Erasmus Universiteit Rotterdam, Tilburg University, Technische Universiteit Eindhoven, Universiteit Maastricht, and Universiteit Twente.

Dutch broadcaster NOS reported that several other educational institutions also blocked access to Canvas after the renewed breach, including Fontys Hogeschool. Deltion restored access at 9 a.m. Friday, after determining the system was safe to use again.

ShinyHunters said earlier this week it had obtained data belonging to millions of students, teachers, and education employees through Canvas. Students use the platform to submit assignments, access teaching materials, and view grades.

According to NOS, the hackers breached the system again despite additional security measures introduced after the initial attack. The group posted a new message inside Canvas demanding contact and negotiations by May 12 and threatening to publish stolen data if no agreement is reached.