A sweeping cyberattack targeting the Canvas learning platform has placed 177 Australian schools, universities and educational institutions on an unverified dark web list allegedly compiled by hackers, prompting urgent investigations and cybersecurity warnings nationwide.
The hacker group ShinyHunters claims it accessed data from Canvas, used by hundreds of millions worldwide, and is threatening to release stolen information unless its demands are met by May 12.
Parent company Instructure has confirmed personal data, including names, email addresses, student IDs and some inbox messages, has been accessed, though the full extent remains under investigation.
Among the institutions identified on the unverified list is Greek Orthodox school All Saints Grammar in Sydney, alongside major education providers such as Melbourne Archdiocese Catholic Schools (MACS) and Sydney Catholic Schools.
The broader list also includes major universities such as the University of Melbourne, University of Sydney, RMIT and Swinburne University, as well as elite private schools including Cranbrook School, Abbotsleigh, Ascham School, Brisbane Grammar School and Carey Baptist Grammar School.
Education departments in Queensland, New South Wales and Victoria are also named, along with organisations such as TasTAFE. In response, the University of Melbourne shut down its Canvas system as a precaution.
Australia’s National Cyber Security Coordinator Michelle McGuinness said authorities were working with states and education bodies to manage the incident, noting there is currently no evidence of stolen financial or identity document data.
She urged heightened vigilance against scams, warning: “Do not respond to unsolicited contact… Do not click on links in emails, text messages, or through other messaging platforms.”
Cybersecurity experts say education platforms remain prime targets due to the large volumes of personal and institutional data they hold, with Proofpoint warning such systems are “treasure troves” for cybercriminals.
Investigations across Australia are ongoing as institutions work to determine whether their data has been directly compromised.
Source: Daily Telegraph.
