The Canvas Breach

Friday, May 15, 2026 1 p.m. ET | 6 p.m. BST Matt Radolec, David Gibson

275 million users across 9,000 institutions. The ShinyHunters breach of Instructure – the company behind the widely used Canvas LMS – has allegedly exposed 3.6TB of data, making it one of the largest education-sector breaches in history.

On this episode of State of Cybercrime, Matt and David draw on their continued coverage of ShinyHunters to break down how the attack unfolded, the tactics behind the group’s approach, and the downstream risk for organizations.

Having tracked this threat across multiple incidents, they'll connect the dots to ShinyHunters' prior breach of Instructure in September 2025, sharing what this repeat breach signals about where attackers are heading next.

Your seat is saved!

You’ll receive a confirmation email from Zoom shortly. Contact us if you do not receive it within 24 hours.

Add to calendar (.ics)

About the series

In today's digital landscape, no industry is safe from cybercrime. Hackers continue to exploit vulnerabilities across sectors, leading to highly destructive breaches.

Our State of Cybercrime series sheds light on the latest high-profile attacks while providing actionable insights across every industry.