Canvas owner pays hackers to erase data

The company behind Canvas says it reached an agreement with hackers after a cyberattack disrupted thousands of colleges and universities and exposed stolen data to criminal leverage.

That disclosure marks a sharp turn in a crisis that touched one of higher education’s most widely used digital platforms. Reports indicate the company did not just work to contain the breach; it also negotiated with the attackers in an effort to secure deletion of the data they took. The move underscores the brutal math of modern ransomware-style incidents, where companies face pressure to protect users even after intruders break in.

The company says it “reached an agreement” with the hackers after an attack that hit colleges and universities using Canvas.

The decision to pay criminals, or otherwise strike terms with them, rarely ends the story. It opens another one. Schools, students, and staff now need to know what data attackers accessed, whether deletion claims can be trusted, and what protections come next. Cybersecurity experts often warn that once data leaves a system, no outside party can fully verify what criminals kept, copied, or sold.

Canvas sits at the center of daily academic life for many institutions, which makes any disruption especially painful. When a platform like that falters, classes slow down, assignments stall, and confidence erodes fast. Sources suggest the company now faces twin pressures: restore operational trust for schools and explain why an agreement with hackers offered the least damaging path through the crisis.

The next phase will likely bring scrutiny from institutions, security teams, and possibly regulators as they assess how the breach unfolded and what obligations follow. For colleges and universities that depend on third-party education software, the episode lands as a warning: digital convenience also concentrates risk, and when attackers strike a central platform, the fallout spreads far beyond a single company.