Deepthix .
← Retour au blog
tech 12 May 2026

Instructure Pays Ransom to Canvas Hackers: What It Means for Cybersecurity

Instructure, the company behind Canvas, paid a ransom following a cyberattack. Let's explore the implications for cybersecurity in the education sector.

Article inspired by the original source
Instructure pays ransom to Canvas hackers ↗ www.insidehighered.com

Introduction

The recent incident involving Instructure, the company behind the online learning platform Canvas, has shed a harsh light on the cybersecurity challenges facing tech companies today. After being targeted by a ransomware attack, Instructure made the controversial decision to pay the ransom to recover compromised data. What does this mean for the tech sector, and more specifically, for companies operating in the educational field?

Details of the Attack

Although the exact amount of the ransom paid has not been disclosed, Instructure confirmed that the hackers returned the compromised personal data and assured that no customer would be extorted. This raises a crucial question: why did a company the size of Instructure, with considerable resources, choose to comply with cybercriminals' demands?

Consequences for Education

With the significant increase in remote learning, notably amplified by the COVID-19 pandemic, online educational platforms have become prime targets for cyberattacks. According to a report by Cybersecurity Ventures, cyberattacks on the education sector increased by 30% in 2025 compared to the previous year. Educational institutions, often underfunded in digital security, are particularly vulnerable.

Why Pay?

The decision to pay a ransom is often seen as controversial. However, for Instructure, this decision could be viewed as a means to avoid massive disruptions for millions of users worldwide. The potential cost of data loss or prolonged service outages could far exceed the ransom amount.

Strengthening Cybersecurity

This incident underscores the importance for companies, particularly those in the educational sector, to strengthen their cybersecurity measures. Proactive approaches, such as adopting AI for anomaly detection, can offer a more robust line of defense against these threats. Investments in employee training on cybersecurity best practices are also essential.

Trust and Reputation

User trust is a valuable asset for any tech company. After an attack of this type, restoring trust requires transparent communication and concrete actions to prevent future incidents. Instructure will need to work hard to reassure its users and partners.

Conclusion

The Instructure incident is a stark reminder of the cybersecurity risks in today's digital world. For tech sector companies, it's imperative not to wait for an attack to invest in robust security measures.

Let's discuss your project in 15 minutes.

cybersécurité ransomware Instructure éducation Canvas
Deepthix newsletter · 100% AI · every Monday 8am

An AI agent reads tech for you.

Our AI agent scans ~200 sources per week and ships the best articles to your inbox Monday 8am. Free. One click to unsubscribe.

Visit the newsletter page →

Want to automate your operations?

Let's talk about your project in 15 minutes.

Book a call