UCSD, San Diego State part of widespread attack on Canvas education platform
This warning screen presented when students tried accessing their courses on Canvas. Captured at 1:06 p.m. (Photo by Thomas Murphy/Times of San Diego)
Hacker group ShinyHunters has compromised the learning platform Canvas, disrupting exam preparation and coursework for students at UC San Diego and San Diego State University.
Students were hit with the shutdown just before 1 p.m. on Thursday. Screens across the country displayed the same warning, with the threat that the schools’ data would be released if a settlement could not be reached by Tuesday.
The group claims to have stolen 280 million records from nearly 9,000 institutions, ranging from Ivy League schools to international universities. Since forming in 2019, ShinyHunters claims to have stolen data from Microsoft and Ticketmaster, along with AT&T in two separate instances.
Canvas is operated by Instructure, which calls the platform “the most-visited education website in the world.”
“At this time, please DO NOT attempt to access Canvas in any way until further notice. If you are currently in the system, do not click on any links; just close your browser,” UCSD’s executive vice chancellor Elizabeth Simmons said in an email at 2:45 p.m. on Thursday.
UCSD’s Information Technology Help Desk said it would not provide additional information. All updates are being posted to the school’s Systems Status tracker, which listed their first report at 1:10 p.m.
The school has told students to wait for instructions from professors for alternatives for submitting assignments. There are no estimates for when the situation will be resolved, according to San Diego State.
“It’s out of our control. We do have other applications on campus that we can still use, but for Canvas-related issues, we can’t do anything at the moment. There’s no timeline,” SDSU’s Information Technology department said in a statement at 3:34 p.m.
The outage has affected students in different ways. It’s finals season at many semester-based schools, so the disruption has cut off most, if not all, of their course resources.
UCSD uses a quarter system, meaning Tritons are studying for midterms and submitting regular assignments through Canvas. Many were caught off guard by the shutdown.
The outage struck just as Raymond Warner clicked to send in his assignment, only to be greeted by the hackers’ warning screen right before 1 p.m. With classes still underway, Warner wondered how this might affect his next two lectures.
“For the first, we pull the worksheet from Canvas, so we’ll see how the professor adapts,” said Warner, a master’s student in chemical engineering. “I feel bad for the students with midterms today, who would’ve used Canvas to study.”
UCSD master’s student Raymond Warner is wearing a Pokémon shirt, which he described as “ironic” since the hacking group ShinyHunters is named after the popular series. (Photo by Thomas Murphy/Times of San Diego)
According to EdSource, the entire California State University system, which includes San Diego State and Cal State San Marcos, has been affected. In 2024, federal prosecutors said that between April 2020 and July 2021, ShinyHunters posted sales of hacked data from more than 60 companies and sometimes threatened to leak or sell stolen sensitive files unless a ransom was paid.
The San Diego Community College District continues to deal with an unrelated cyberattack that began Saturday. Thursday’s attack on Canvas is not connected, a district spokesman said, explaining that they are “separate systems.”
» Originally published by Times of San Diego on May 7, 2026. News editor Jennifer Vigil and reporter Drew Sitton contributed to this report.