Instructure said ShinyHunters exploited issues tied to Canvas “Free-For-Teacher” accounts, triggering a second Canvas outage within days and disrupting finals across higher education. Multiple institutions canceled or delayed assessments and adjusted grading timelines after Instructure took Canvas offline to contain the incident and investigate suspected data access. Threat actor messaging to affected schools, with a May 12 leak deadline, added uncertainty for administrators running exam schedules. Instructure later reported Canvas was back online, but some colleges continued disabling access while forensic work proceeded. The incident again raised stakes around the exposure of student and teacher data, including names, email addresses, messages, and student ID numbers. With finals underway, the breach demonstrated how quickly a single vendor compromise can force operational changes—grace periods, reissued assignments, and canceled tests—well after the academic calendar has set.