A cyberattack tied to ShinyHunters is hitting education technology ecosystems used by universities, with Google saying it involves Oracle PeopleSoft systems and may have affected data at more than 100 organizations. The incident underscores that universities’ security risk can expand beyond their own networks and reach into enterprise systems and vendor-managed platforms. In parallel, a separate assessment of higher-ed cyber risk points to Canvas learning management systems as repositories of institutional memory. The guidance warns that cybersecurity accountability does not end with vendor hosting, because course archives, advising, accommodations, and integrations all broaden the institution’s exposure and complicate what can be known, monitored, or recovered after an incident. For campus IT leaders, the immediate operational takeaway is governance: institutions need clearer visibility into what data sits inside LMS platforms, what integrations retain or replicate it, and who is accountable when a vendor breach turns into a campus-wide compliance and risk issue.