A higher education cybersecurity warning highlights how the Canvas hacking campaign may now be extending beyond learning platforms into core enterprise software. Reporting cited Google Threat Intelligence Group and Mandiant, which said ShinyHunters obtained access to Oracle PeopleSoft in more than 100 organizations between May 27 and June 9, with about 68% of targets identified as colleges or universities. The breached workflow reportedly resulted in stolen data being published on ShinyHunters’ DLS. The alert underscores a common failure mode for institutions: remediation may address the initial vulnerability while leaving downstream systems exposed, including HR and financial management environments. The University of Nottingham confirmed it was part of the breach, while officials told students they were determining what data had been accessed. For campus CIOs and compliance leaders, PeopleSoft-level compromise increases the urgency for identity governance, auditing, logging review, and vendor assurance. Institutions are likely to face growing pressure to demonstrate incident response readiness and data governance controls—especially where sensitive student records, financial data, or HR information are involved.