hacked

The hacker group, ShinyHunters, threatened to leak student data after breaching the educational platform Canvas.

An educational platform used by thousands of schools and universities has been partially restored following an international cyberattack that caused major chaos as students prepare for end-of-year exams.

ShinyHunters, a hacking group, claimed responsibility for crashing the web-based educational platform Canvas, created by tech firm Instructure.

The group said it had stolen 3.5 terabytes of data, including names, email addresses, student ID numbers and private messages, and threatened to release this if ransoms were not paid by May 12.

Instructure’s website said on Saturday that Canvas is now “available for most users” and no incidents were reported on Saturday. It is not clear if a ransom was paid.

The University of Sydney reported on Saturday that Canvas had been restored but was not yet “accessible to staff or students, as we need to complete checks”.

Canada’s University of Alberta said Canvas was partially restored with “reduced functionality”.

The countries that have been affected include the United States, the Netherlands, Sweden, Australia and the United Kingdom.

According to Canvas, about 30 million people across the globe use its system. The breach reportedly targeted close to 9,000 institutions across the globe.

Breach came at ‘worst time’

The Federal Bureau of Investigation said it was “aware of a service disruption” impacting a learning system, although it did not name Canvas, in a statement Friday.

“This disruption has impacted schools, educational institutions, and students across the country,” it said.

Al Jazeera’s correspondent in Florida, Phil Lavelle, said the hack could not have “come at a worse time” as many US schools are in the middle of exam season.

Institutions like Penn State, Harvard, Illinois, Columbia and Georgetown are all “scrambling” to extend or change exam deadlines, said Lavelle.

The Harvard Crimson, a student newspaper, said it could not access the platform since Thursday, with the University of Cambridge also saying it had “temporarily suspended access” to Canvas on Friday.

The Reuters news agency reported that, on May 5, the group posted a message saying Instructure had “not even bothered speaking to us” to prevent a data leak, and that their demand “was not even as high as you might think it is”.

Who are ShinyHunters?

The group is a global cybercrime syndicate that was established in 2019.

Over the years, they have claimed responsibility for cyberattacks, with the most recent data breach being Rockstar Games, a gaming giant that owns Grand Theft Auto.

“This goes to show how vulnerable schools are, how vulnerable other institutions are by individuals who seek to exploit or extort at the worst possible time – armed with just a keyboard and a mouse,” said Lavelle.

March 27 (UPI) — Iran-linked hackers broke into FBI Director Kash Patel’s personal email account, multiple news outlets reported Friday.

The hackers published photos and emails from the account from before Patel became FBI director, CNN, CNBC and CBS News reported. CNN said a source familiar with the breach confirmed the authenticity of the photos.

The emails the group stole from Patel date from around 2011 to 2022. They include personal, business and travel communication.

The hacking group, Handala Hack Team, said on their website that Patel “will now find his name among the list of successfully hacked victims.”

The photos published include Patel sniffing and smoking cigars, riding in an antique convertible, and making a face while taking a picture of himself in the mirror with a large bottle of rum. There are family photos and details of Patel searching for an apartment.

The group calls it a breach of “impenetrable” FBI systems, but the FBI was not breached.

“This isn’t an FBI compromise — it’s someone’s personal junk drawer,” cybersecurity researcher Ron Fabela told CNN.

“The FBI is aware of malicious actors targeting Director Patel’s personal email information, and we have taken all necessary steps to mitigate potential risks associated with this activity,” a statement from the FBI said. “Consistent with President Trump’s Cyber Strategy for America, the FBI will continue to pursue the actors responsible, support victims, and share actionable intelligence in defense of networks.”

It also said the information taken, “is historical in nature and involves no government information.”

The FBI also said that the State Department has offered a $10 million reward for information that leads to the identification of the Handala Hack Team.

The hackers have said they hacked the account to retaliate for a missile strike on an Iranian school, CNN reported.

Handala claimed Thursday to have published the personal data of dozens of Lockheed Martin employees stationed in the Middle East. The company said in a statement it was aware of the reports and had policies and procedures in place “to mitigate cyber threats to our business.”

Gil Messing, chief of staff at Israeli cybersecurity company Check Point, told CNBC that the move against Patel was part of Iran’s strategy to embarrass U.S. officials and “make them feel vulnerable.”

On March 19, the FBI took down two websites used by Handala after it hacked the medical company Stryker on March 11. The two sites were: one that had information about its hacks and the other used to dox people it alleges work with the Israeli military. The website it used to post Patel’s information was registered the same day the other sites came down.