Instructure pays ransom to Canvas hackers

Instructure, the company behind Canvas, says it paid a ransom after hackers tied to ShinyHunters grabbed data tied to roughly 275 million users across 8,800 schools and then promised to delete it. The company says the data was “returned” and that customers won’t be extorted, but the real fireworks are in the comments, where readers are side-eyeing that wording like it just failed a lie detector test. One of the biggest reactions was pure confusion: how do you “return” copied data, exactly? As one commenter basically put it, that sounds like saying a burglar returned your TV after making a duplicate of it.

The mood is a messy mix of skepticism, dark comedy, and doom-posting. Plenty of people are mocking what they see as polished corporate spin, with one commenter laughing at the idea that the public is supposed to relax because “the bad guys assured us things were okay.” Others are asking the obvious scary question: if Canvas got hit more than once in days, why should anyone believe this is over? That turned into the thread’s main drama—peace of mind or payday for future criminals?

Then came the internet’s favorite twist: criminals with a reputation to protect. One commenter joked that ransom gangs almost need to act like trustworthy businesses if they want future victims to pay, which is both horrifying and weirdly hilarious. Even the side chatter got spicy, with one user linking the company’s incident update and another joking this whole saga was somehow “bullish on Monero.” Nothing says 2026 like finals week chaos, a ransom payment, and commenters treating the phrase “data was returned” as the comedy line of the day.