WSU students may have had school information, including student ID numbers, stolen in last week’s Canvas hack.
In a post on its website, WSU Information Technology Services warned after the hack, student’s email addresses, names and ID numbers could have been exposed.
WSU said continued Canvas accessibility is “not guaranteed.” WSU recommends students and faculty download any course materials they may need. Faculty should upload final grades as soon as possible.
The hack, which took down Canvas on Thursday, was done by cybercriminal group ShinyHunters. In a message that showed briefly on Canvas, the group claimed to have breached Canvas “again.” The message said the nearly 9,000 affected schools have until May 12 to “negotiate a settlement” before “everything is leaked,” referring to data the group claims to have taken in the hack.
The breach was eventually contained later that day.
ShinyHunters was formed in 2019 and uses data breaches to extort companies. They steal data from companies and threaten to leak it unless a ransom is paid.
Canvas is used by students to turn in homework and assignments, view study materials and check grades. Canvas is used by over 40% of colleges and universities nationwide.
Michael Johnson • May 11, 2026 at 8:45 pm
No excuses. WSU should fire the CIO and CISO immediately. These knuckleheads are responsible for the safety of our data. Just because they are lazy and outsourced our data doesn’t mean for one second they are not responsible. No sympathy, just responsibility. Fire Tony