Instructure said it has paid a ransom to the hackers behind a Canvas breach, after the attackers returned hacked personal data and offered assurances that no Instructure customers will be extorted as a result of the incident. The company has not disclosed the settlement amount. The payment and return of data underscore how learning-management-system providers are becoming higher-value targets, especially as universities increasingly rely on Canvas for assignment delivery, grade posting, and course communications. For campus IT and compliance leaders, the episode raises immediate questions about notification timelines, credential-handling practices, and how federated login and third-party integrations were affected—regardless of whether extortion threats materialize.