Pakistani Universities Safe Amid Global ShinyHunters Ransomware Attack
A recent ransomware attack conducted by the notorious hacking group ShinyHunters has disrupted academic activities at nearly 9,000 universities and schools worldwide. The attack specifically targeted the popular Canvas learning management system (LMS), leading to postponed exams and data breach threats affecting millions of users.
The ShinyHunters group infiltrated Canvas during finals week in multiple countries including the United States, Canada, Australia, the United Kingdom, the Netherlands, Sweden, and New Zealand. Their breach affected sensitive data belonging to approximately 275 million students, teachers, and staff. Institutions reported outages, forced cancellations, and postponements of final exams as they attempted to mitigate the damage. The hackers demanded a ransom be paid in bitcoin by May 12 to prevent the public release of stolen data.
Instructure, the company behind Canvas, confirmed that the platform experienced significant downtime starting Thursday but has since become available for most users. However, many universities continued experiencing intermittent access issues into Friday. The learning management system serves over 30 million active users worldwide, hosting course materials, assignments, grades, and private communications.
The ransomware note displayed by ShinyHunters on student screens accused Instructure of ignoring their ransom demands and implementing insufficient security measures after an initial attack earlier in May. The group claimed to possess billions of private messages exchanged on the platform. This cyberattack caused major disruptions in academic schedules, including canceled or delayed exams at institutions like the University of Sydney, Idaho State University, and Penn State University.
Despite the widespread impact, Pakistani universities appear largely untouched by this specific attack due to their reliance on alternative LMS platforms such as Google Classroom, Moodle, and various indigenous systems. The Higher Education Commission of Pakistan has not issued any alerts regarding Canvas or related security incidents. Prominent Pakistani universities including Lahore University of Management Sciences (LUMS), National University of Sciences and Technology (NUST), and Quaid-i-Azam University primarily use other management solutions.
Cybersecurity experts caution that educational institutions globally remain vulnerable to ransomware and cyberattacks regardless of the platform used. They emphasize the importance of strong security protocols, regular data backups, and ongoing training to guard against phishing attempts, often a main vector for these breaches.
ShinyHunters, believed to be a loosely connected group of young hackers primarily based in the United States and the United Kingdom since 2020, have previously been linked to high-profile data breaches, including the 2024 incident compromising 560 million customer records of Ticketmaster’s parent company Live Nation, and a 2023 attack on Jaguar Land Rover.
As the global education sector strengthens its response to this incident, Pakistani institutions continue monitoring cybersecurity developments but remain unaffected by the Canvas attack. Stakeholders anticipate a continued focus on enhancing cyber defenses to protect sensitive academic data in the future.