Instructure’s Canvas platform faced another major cybersecurity disruption tied to ShinyHunters, with the company reporting it reached a deal to delete data stolen during the attack. Instructure said it returned the data and received “digital confirmation” of destruction via “shred logs,” while warning that it could not guarantee deletion with complete certainty. The breach disrupted teaching and assessment operations during finals season, according to reporting referenced in the story: students were locked out and many could not submit end-of-semester assignments, including exams and final projects. The attack also renewed campus concerns about the operational risk of relying on centralized third-party learning management systems. Across the sector, the practical takeaway for higher education leaders is governance: institutional IT and security teams must treat LMS incidents as continuity-of-instruction problems, not just isolated IT events. The story notes earlier patterns in which attackers pivot through third-party vendors to reach institutional data. As campuses continue to standardize on SaaS platforms, this incident intensifies pressure for stronger vendor oversight, incident-response playbooks, and clearer escalation paths for academic downtime and student privacy impacts.