News breaking

BREAKING: MIT Canvas goes down after cybercrime group breaches Instructure

MIT is among thousands of universities affected by the breach

By Samuel Yuan and Grace Zhang May. 7, 2026

11365 canvas
A message by the cybercrime group ShinyHunters replaces the Canvas homepage after the group had breached the site on Thursday, May 7, 2026.
News Staff – The Tech

Shortly after 4:00 p.m. on Thursday, May 7, MIT students lost access to Canvas, the platform that hosts instructional material for nearly all courses, following a breach of the website’s parent company Instructure by cybercrime group ShinyHunters.

MIT is among thousands of universities that use Canvas as their primary instructional platform and are affected by the hack.

Initially, users attempting to access the MIT Canvas page were greeted with a message from ShinyHunters that warned affected schools to “consult with a cyber advisory firm” to contact the cybercrime group and “negotiate a settlement” if they were “interested in preventing the release of their data.”

“You have till the end of the day by 12 May 2026 before everything is leaked,” the group wrote.

ShinyHunters claimed that this is the second time that the group has successfully breached Instructure’s services. It also mocked the company for implementing “security patches” and “ignoring” the group.

The message from ShinyHunters was later replaced by a Canvas maintenance notice.

“Canvas is currently undergoing scheduled maintenance,” the page reads. “Check back soon.” No estimate has been provided for when service will return. 

The breach comes just as students are wrapping up their final assignments. According to the MIT Registrar, no assignment may be due after May 8 for subjects with final exams. It also comes just before MIT’s final exams period, which is from May 15 to 20.

MIT’s Information and Systems Technology (IS&T) is aware of the data breach and has issued an announcement on its website. The notice reads, “MIT is actively monitoring the situation and coordinating with the vendor as they work to restore service. This issue originates with the vendor environment and is not the result of an issue within MIT’s local systems.”

Earlier in October, an Amazon Web Services incident resulted in Canvas and Piazza outages that lasted around 12 hours.

At the time of publication, it appears that other MIT websites and internet services, including Piazza, MITx, and Panopto, are not affected.

This is a developing story and may be updated.