Swedish universities hit by global hacker attack on learning platform

A global cyberattack has disrupted several Swedish universities after hackers targeted the Canvas learning platform, used by over 30 institutions in the country, SVT Nyheter reports.

The attack, claimed by the group Shinyhunters, has exposed student and staff data, including names, email addresses, and private messages. The hackers have threatened to publish all stolen information on Tuesday, May 12, unless their demands are met.

Students logging into the platform on Thursday evening were greeted by the hackers’ message, according to screenshots published by Swedish media. Affected institutions include Chalmers University of Technology, KTH Royal Institute of Technology, Luleå University of Technology, the University of Gothenburg, and Uppsala University.

Canvas, developed by US-based company Instructure, is widely used for course information, assignments, and communication between students and teachers. The breach has raised concerns over the exposure of confidential academic discussions.

“It’s very unsettling to know that private exchanges between students and teachers could be spread publicly,” Henrik Dahlberg, press chief at Chalmers, told news agency TT.

Instructure has stated that “changes have been made” to the compromised login page and now considers the platform secure. However, several universities, including Umeå University, have chosen to keep Canvas shut down until safety can be confirmed.

“We’ve closed it until we feel confident we can verify it’s safe,” said Therese Strandberg, IT director at Umeå University.

Cybersecurity experts suggest the extended deadline for the data leak threat—originally set for May 12—may indicate negotiations over a ransom, though neither Instructure nor the hackers have publicly confirmed this.