This story is still receiving live updates, breaking story is below. This story is ongoing and will be updated as more information becomes available.
Update 5/11/2026 6:52 p.m.: Instructure announced that it has reached an agreement with ShinyHunters and confirmed the return of all data. It is currently unknown the terms of the agreement or how much was paid.
“The data was returned to us, we received assurances that it will not be further shared on the dark web or elsewhere, and we received proof that any copies of that data were deleted. Further, we have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise,” said the update from Instructure CEO Steve Daly. “While there is never complete certainty when dealing with cyber criminals, we believe it was important to take every step within our control to give our customers additional peace of mind, to the extent possible.”
Update 5/8/2026 1:36 p.m.: Information Resources & Technology has sent out an update stating that Canvas is operational, and will be reopened for Sac State students and faculty until 2 p.m. Friday, May 8. The update also states that full access is expected to be restored later Friday afternoon.
“Sacramento State is carefully balancing the need to protect campus systems and data with the importance of restoring access to critical academic resources during semester end,” The update said. “Campus teams are also proactively backing up important grade data and securing systems as part of the restoration process.”
Students are encouraged to keep in mind that Sac State will never ask faculty or students for payment to use Canvas, including for examinations, phishing should be reported to . Instructions for downloading course materials or documents are available here
Update 5/8/2026 9:32 a.m.: The provost has issued another update stating that, though Instructure has restored Canvas, the CSU has not enabled access out of an abundance of caution.
“Access will continue to be restricted until a complete review and validation of the security of the system has been verified,” Cameron wrote in an email to faculty.
Update 5/7/2026 10:26 p.m.: The story has been updated to reflect updates to Canvas as well as adding the response from the hacker group and information from the provost. As of 10 p.m., Canvas has become available for some users, but resources like Canvas Beta and Canvas Test remain in maintenance mode.
Update 5/7/2026 4:11 p.m.: Sac State Information, Resources & Technology sent a message from the chancellor’s office out to Sac State emails. They said that there is no known time frame for when the problem will be solved, or when Canvas will be functioning again.
On Thursday, May 7, students worldwide received a message from the hacker group ShinyHunters when they logged into Canvas. The group claims to have stolen more than 3.65TB of student data from over 9,000 schools, including personal identifying information from over 275 million users.
The hacker group said that if Instructure, the company that owns and operates Canvas, does not respond to their ransom demands by Tuesday, May 12 all the data will be leaked publicly. In an email to The State Hornet, ShinyHunters said that they are not providing further comment at this time.
“Instead of contacting us to resolve it they ignored us and did some ‘security patches.’” ShinyHunters wrote in the ransom message. “If any schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at TOX to negotiate a settlement.”
The ransom message provided a link to affected schools, including Sacramento State. Six CSU campuses were listed: Humboldt, Long Beach, East Bay, Dominguez Hills, Bakersfield and Channel Island. CSU resources were also affected, including CSU Online, Connect, Global Learn, the Shiley Haynes Institute for Palliative Care and the Office of the Chancellor itself.
“We are working diligently to gather more details to better understand the scope and impact of this incident. Protecting the security and privacy of our students and employees is a top priority,” wrote the CSU Chancellor’s Office in a statement regarding the first hack.
The Chancellor’s Office issued an update on May 7 stating that Canvas is down across all CSU campuses and they are working to fix the issue.
RELATED: META invests in Sacramento State’s Capital Campus project, sparking community questions
Carter Chitiva, a third year journalism major, said that he is worried about the breach. He said that himself and his classmates noticed the breach in the middle of their data science class and were all shocked by the message.
“[I’m] pretty goddamn nervous as, you know, finals are just around the corner. And now I can’t even access anything,” Chitiva said. “According to the hackers, they got everything: our personal emails, our passwords, IDs, any financial information that we had on our accounts – they have everything.”
As of publication, both students and instructors are unable to access Canvas through its website or mobile app. Students are advised to email their professors and stay tuned for any updates or messages about classwork. In an email sent to faculty from Provost Erika Cameron, it has been asked that students are not penalized as a result of this incident. As of 3 p.m. on Thursday, the Canvas website states it is down for maintenance.
Users should not input any personal information, log-in or change passwords into the Canvas system right now.
Sac State and Sac State’s Information, Resources & Technology Office were unable to respond by press time.
This story is ongoing and will be updated as more information becomes available.
Additional Reporting by Chris D. Johnson and Madison Lopez.
Click Here For The Original Source.
