Teachers and students at Long Beach Unified, Cal State Long Beach and Long Beach City College were locked out of the computer system used for grades, assignments and messages on Thursday afternoon after an apparent cybersecurity breach targeting school districts and higher education across the country.
Long Beach Unified said it learned on Tuesday that Instructure, the third-party provider of the district’s grading platform, Canvas, had been hacked by an “unauthorized individual” who gained access to “certain identifying user information,” according to an email sent to families and staff, reviewed by the Long Beach Post.
The email said that Instructure confirmed the incident had been contained and that Canvas remained fully operational. But by Thursday after lunch, teachers told the Post they had lost access to the platform and that when they tried to log in, they were instead met with a pop-up allegedly from ShinyHunters, a cybercrime group linked to a series of high-profile data breaches this week affecting institutions from K-12 schools to major university systems nationwide.
The message, reviewed by the Post, appeared to be holding the district’s data for ransom. It demanded that schools consult with a cyber advisory firm and negotiate a settlement with ShinyHunters before May 12. Otherwise, the message said, their data would be leaked.
It was unclear what information had been compromised, though an email to students and staff at CSULB indicated that names, email addresses, campus ID numbers and user messages may have been affected. LBUSD wrote to staff and families that “the extent of the vendor’s data incident is not yet known, as the investigation continues.”
Instructure had already taken action to shut down Canvas, address the vulnerability that led to the breach, engage with forensic experts, notify law enforcement (including the FBI and CISA) and enhance monitoring and security, according to information on the Cal State University website. This comes a week before final exams are set to be administered at CSULB.
LBUSD teachers told the Post that this incident was hugely disruptive. Tom McNamee, a teacher and tech coordinator at Lakewood High School, said that most of what teachers need to access is built and stored in Canvas. He got around that by housing most of his materials in the Google suite, allowing students to continue working on their projects.
One employee at Poly High School said that student progress reports were due imminently but she couldn’t access the platform to input grades. The Canvas homepage on Thursday afternoon read, “Canvas is currently undergoing scheduled maintenance. Check back soon.”
A text sent out to the LBUSD community shortly after 2:30 p.m. confirmed that the district had restricted access to Canvas. The platform has become the default system for education management in the U.S., and reliance on the system means many institutions have been impacted by the hack.
As Lakewood tech coordinator, McNamee said he has been flooded with questions from teachers about whether they should change their passwords or take action to protect their information.
“You don’t have to do that yet,” he said, based on what he understood from LBUSD’s Information Technology department. According to McNamee, district officials indicated the incident was unlikely to involve a “computer worm” — a type of malicious software that can replicate and spread to other computers — which would likely require more immediate action, such as password changes.
Yet he still advised that teachers and students avoid engaging with the site and that they be ready to work offline. “It’s a good teachable moment,” he said.