Last Friday, TU/e pulled the plug on Canvas, the online platform students and teachers use for education. The hackers from ShinyHunters, who had previously appeared to have been driven out of the systems of the American company Instructure, turned out to have gained access again.
Universities ranging from Harvard to Twente have fallen victim, and the data of 275 million users is at risk. As far as is known, the hackers stole names, email addresses, and student numbers, along with messages sent within Canvas.
Eindhoven
TU/e reported on Friday that Canvas would remain offline at least through Monday. Today, the Executive Board (CvB) said in an intranet update that the university intends to restart the system from next week. Until then, TU/e is conducting risk analyses regarding the restart. Instructure claims that Canvas can be used safely again, but the university wants to conduct its own assessment first, given that the company previously declared the software secure and it was breached again.
The university expects to have more clarity regarding the exact timeline for the restart by May 13. In the meantime, TU/e lecturers are trying to provide education in the best possible way. Most of them do so by switching to Teams.
In the meantime, the hackers’ business model remains simple: they demand ransom money for the information. If they are not paid by tomorrow, they will post the information on the dark web, where scammers can do whatever they want with it.
‘Click here …’
Students may therefore start receiving dangerous emails that make use of their student number and email address. This can make phishing emails sound more convincing. For example: your enrollment is not yet complete, click here to add your details. Or: you missed a tuition payment, click here to transfer it now. If you click, you may end up on a malicious website.
Several websites explain how phishing works. Vrije Universiteit Amsterdam (one of the affected institutions) has listed a number of warning signs on its own website.
‘Do it now’
One of the tips is to always pay attention to the sender. The sender may call themselves “Administration Department,” while the email address does not belong to your own educational institution. You can check suspicious links on the website checkjelinkje.nl.
Phishing emails also often try to create a sense of urgency: do it now, avoid fines, your account will be closed, last chance … Don’t fall for it. The opposite can happen as well: good news, click here for free items, check this OneDrive for all the information … Then you are asked to log in or transfer money.
The Dutch government also has a website about staying safe online. Among other things, it warns about domains that replace the letter “o” with the number “0,” or the letter “l” with the number “1.” For example: h0gesch00l or Ti1burg University.
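A mail filter can automate the sender check and the digit-for-letter comparison described above. The following Python is an added example, not part of the original article; the trusted domains are constructed placeholders on the reserved `.example` TLD, and the function names are hypothetical.

```python
from email.utils import parseaddr

# Constructed allow-list (assumption): replace with your institution's real domains.
TRUSTED_DOMAINS = {"hogeschool.example", "tilburguniversity.example"}

# The digit-for-letter swaps the article names: "0" for "o" and "1" for "l".
SWAPS = str.maketrans({"0": "o", "1": "l"})


def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address in a From header."""
    _display_name, address = parseaddr(from_header)
    return address.rpartition("@")[2].lower().rstrip(".")


def _matches(domain: str, trusted: str) -> bool:
    """True if domain is the trusted domain itself or one of its subdomains."""
    return domain == trusted or domain.endswith("." + trusted)


def classify_sender(from_header: str) -> str:
    """Return 'trusted', 'lookalike' or 'external' for a From header.

    The display name is ignored on purpose: anyone can call themselves
    "Administration Department", so only the address domain counts.
    """
    domain = sender_domain(from_header)
    if any(_matches(domain, t) for t in TRUSTED_DOMAINS):
        return "trusted"
    # Undo the swaps on both sides so a trusted domain that really contains
    # a digit still compares correctly.
    normalized = domain.translate(SWAPS)
    if any(_matches(normalized, t.translate(SWAPS)) for t in TRUSTED_DOMAINS):
        return "lookalike"
    return "external"


if __name__ == "__main__":
    # Constructed sample headers, using the article's two spellings.
    for header in (
        '"Administration Department" <admin@h0gesch00l.example>',
        "Student Desk <desk@ti1burguniversity.example>",
        "Registrar <registrar@mail.hogeschool.example>",
        '"Administration Department" <admin@billing.test>',
    ):
        print(f"{classify_sender(header):9}  {header}")
```

A "lookalike" result is the strongest signal of the three, because the sender chose a domain that only differs from a trusted one by these swaps.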
‘Do you like …?’
Scammers can work even more strategically by combining information from social media with leaked data. For example, if you play korfball, you might receive an email about a korfball tournament for students. Thanks to AI, scammers may increasingly personalize spam messages.
In any case, stay alert. To help others, you can report fraudulent emails using the red “report” shield icon in Outlook.
This article was translated using AI-assisted tools and reviewed by an editor.
