Reed NewsReed News
Transparency

Instructure reaches deal with hackers after global breach

Reliability

Corroborated

Based on 21 sources

Source Diversity
Major Media (1)Research (20)
NBSV

Publications (20)

Sources (21)
2 sources share identical headlines across 1 outlets (wire service copies)

Fact-Checking

57 claims

Nearly all colleges and universities in Norway use Canvas.

12 backing sources

Open Questions

5 questions
How much did Instructure pay the attackers, if anything?
Has the stolen data truly been deleted, or could copies exist elsewhere?
What specific vulnerability in the Free-For-Teacher service was exploited?
Are any Norwegian or Swedish student records among the exfiltrated data?
Will the agreement with the threat actor prevent future leaks or attacks?
Number of affected institutionsfactual

Approximately 9,000 institutions were impacted.

According to www.bbc.com, ebuildersecurity.se
vs.

8,809 institutions were impacted.

According to www.halcyon.ai

Context: The exact scale of the breach is unclear, which affects risk assessment for individual institutions.

Date of breach detectionfactual

The breach was first detected on 30 April 2026.

According to ebuildersecurity.se
vs.

The attack occurred on 25 April and was detected on 29 April.

According to www.miun.se

Context: Discrepancy in the timeline may indicate incomplete incident reporting or different detection points.

Public disclosure datefactual

Instructure publicly disclosed the incident on 2 May.

According to www.miun.se
vs.

ShinyHunters published Instructure on its leak site on 3 May.

According to ebuildersecurity.se

Context: Unclear whether Instructure disclosed before or after the attackers' leak site publication, affecting transparency assessment.

Research Log

2 queries
This article was produced by Reed News using AI. All claims are cross-referenced against multiple sources.
Transparency - Instructure reaches deal with hackers after global breach | Reed News