“There is never complete certainty when dealing with cybercriminals,” Instructure, the company behind Canvas, wrote. “But we felt it was important to take every step within our control to reassure our customers.”

The company did not specify what steps had been taken, nor whether a ransom had been paid. The deadline for payment was reportedly set to expire today. The hackers have, however, confirmed the deal, NOS reports.

The hackers were allegedly in possession of usernames, email addresses, registration details, and messages within the Canvas educational platform, among other data. In total, 275 million students and teachers from 9,000 educational institutions worldwide use Canvas, including TU/e.

Safe to use

Instructure says all data has been returned and that the hackers provided digital confirmation that the stolen information had been destroyed. The hackers also reportedly promised not to extort any of the company’s customers further.

Instructure additionally stated that Canvas is fully operational and safe to use. Although the company had already said this yesterday, TU/e’s Executive Board announced in an update that it first wanted to conduct risk assessments before restarting the system. Whether the latest developments will change that position remains unclear, according to a spokesperson. Instructure says it is continuing to investigate the hack.

This article was translated using AI-assisted tools and reviewed by an editor