Edu tech firm Instructure discloses cyber incident, probes impact
Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. [...]
Incident coverage examines breaches, outages, and response failures to explain how security events affect systems, data, and organizations.
Search across headline titles and summaries.
Background for this topic.
An incident is a suspected or confirmed event that threatens the confidentiality, integrity, or availability of information or systems, or violates a security policy. Examples include unauthorized access, malware execution, exposed credentials, data loss, and disruptive attacks. Not every alert is an incident: triage determines whether an event is credible, its scope, and the assets or data involved.
Incident handling requires timely detection, analysis, containment, eradication, and recovery. Practitioners must preserve relevant evidence, identify affected accounts and systems, assess whether data was accessed or altered, and prevent recurrence. Clear escalation and documentation support privacy or regulatory notifications when applicable. Findings should feed security improvements such as closing exploited vulnerabilities, strengthening access controls, and updating detection and response procedures.
Instructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact. [...]
BleepingComputer initially published a story about a new data breach at Instructure. Shortly after publication, we determined that the information was incorrect and primarily based on outdated details from a prior incident. The article has been retracted, and we regret the error. [...]
Instructure, the company behind the widely used Canvas learning platform, has disclosed a security incident after a social engineering attack allowed hackers to access data in its Salesforce instance. [...]
Two former employees of cybersecurity incident response companies Sygnia and DigitalMint were sentenced to four years in prison each for targeting U.S. companies in BlackCat (ALPHV) ransomware attacks. [...]
Ryan Goldberg and Kevin Martin attacked five companies in 2023 and extorted nearly $1.3 million from one of their victims. The post Former incident responders sentenced to 4 years in prison for committing ransomware attacks appeared first on CyberScoop.
UK Government Said It Is Working With Chinese Officials to Remove ListingsThe U.K. government is working with Chinese officials to remove the sensitive de-identified data of 500,000 participants of the UK Biobank that was listed for sale on the Chinese e-commerce site Alibaba. U.K. officials said the incident did not appear to involve a cyberattack.
Cybercrime Gang ShinyHunters Claimed to Steal 9M RecordsMedtronic has told federal authorities that cybercriminals hacked its corporate IT systems, but said the incident did not affect the medical device makers' products, manufacturing or distribution operations. Cybercrime gang ShinyHunters reportedly claimed responsibility for the hack.
Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web
Itron confirmed a cyber incident but does not believe it is likely to have a material impact on the company
Itron, Inc. has disclosed, via an 8-K filing with the U.S. Securities and Exchange Commission (SEC), a cybersecurity incident in which an unauthorized third party accessed certain internal systems. [...]