Sources confirm that Canvas, the learning management system used by thousands of schools globally, paid cybercriminals to delete student data stolen in a massive breach. The payment, made in cryptocurrency, was intended to prevent the release of sensitive records including grades, personal details, and login credentials. But the deal has backfired.
The hackers took the money but kept copies of the data, sources say. The breach, uncovered by cybersecurity firm Darklight, affected over 30 million users worldwide. Emails show Canvas execs approved the ransom after the FBI refused to intervene.
“We had no choice,” a source close to the company said. But security experts say the payout only emboldens criminals. “This is a catastrophe,” said Dr. Elena Marchetti, a cybercrime researcher at King’s College London. “Paying ransoms never works. It funds the next attack.”
Data from the National Crime Agency shows ransomware attacks on UK schools rose 140% in the past year. Canvas, owned by Instructure, has not confirmed the payment publicly. But leaked internal documents reveal the board authorised a transfer of $1.2 million in Bitcoin. “The data was already backed up, but they paid anyway,” the source said. “They were terrified of the PR disaster.”
The hackers, believed to be linked to the REvil group, demanded the payment or they’d leak the data on dark web forums. When the payment was made, they deleted the primary database but kept a copy. They are now selling it, sources confirm.
“This is a textbook case of corporate incompetence,” said former GCHQ analyst James Broad. “You don’t negotiate with terrorists. You secure your systems and notify the authorities.”
The Information Commissioner’s Office has launched an investigation. A spokesperson said, “We are aware of reports and are making inquiries.” Schools using Canvas have been advised to reset passwords and monitor for phishing attacks.
This is the latest blow to an education sector already reeling from cyber attacks. In 2024, the University of Manchester paid a ransom after a similar hack. The crisis shows no signs of abating.








