UCI students received pop-up messages on Canvas at approximately 1:05 p.m. today on May 7. Following an initial message on all Canvas websites from the ShinyHunter hacker group, Anteaters are currently unable to access Canvas and the webpage is currently down for maintenance. The group reportedly breached Instructure — the parent company of Canvas — potentially compromising the data of hundreds of millions of users across the U.S. on May 3.
The group alleged that they possess billions of private messages sent through Canvas, which may include emails, addresses, phone numbers and student ID numbers.
On May 6, some UCI students received an email from the UCI Office of Information Technology (OIT) regarding a University of California Office of the President (UCOP) statement on the nationwide cybersecurity incident. UCOP stated that they, “close communication with Instructure and are actively coordinating with UC location cybersecurity partners to monitor the situation.”
Other schools were already impacted by the hacker group earlier this week. The ShinyHunter group stated on May 3 that they will leak data obtained from Pennsylvania State University on May 8. The warning displayed on UCI students’ screens stated that affected schools and Infrastructure have until the end of day on May 12 to negotiate a deal with ShinyHunters.
UCI OIT could not be reached for comment at this time.
Infrastructure’s website is providing status updates.
Kaelyn Kwon is a 2025-2026 Managing Editor. She can be reached at kaelynmk@uci.edu
