275M Canvas Users Hacked & Instagram Quietly Kills DM Encryption
Today's security news hits two ends of the spectrum: a massive education-sector breach affecting hundreds of millions of students and educators, and a quiet but consequential rollback of privacy protections on one of the world's biggest messaging platforms. Here's what you need to know — and why it matters.
275 Million Canvas Users Caught in Nationwide School Hack
The notorious cybercrime group ShinyHunters has hit Canvas, the online learning platform used by nearly every U.S. school and college, defacing login pages with a ransom note and threatening to leak data tied to 275 million users at roughly 9,000 institutions. Stolen records reportedly include names, emails, student IDs, and private messages. To contain the damage, Canvas operator Instructure pulled the platform offline right in the middle of finals week — calling it "scheduled maintenance." If you, your kids, or your employees have ever logged into Canvas, your data is very likely caught in this breach. Expect a wave of phishing attempts impersonating schools, professors, and Canvas itself in the coming weeks.
Read more on Krebs on Security
Meta Pulls the Plug on Encrypted Instagram DMs
In a quiet but significant reversal, Meta has removed the option for end-to-end encrypted direct messages on Instagram, pushing users toward WhatsApp instead. The company cited low adoption, but the result is that billions of Instagram conversations are once again readable by Meta — and potentially accessible to law enforcement, advertisers, and anyone who breaches Meta's systems. Privacy advocates and Proton are warning that users now have far less protection over their private chats, with no clear word on what happens to messages that were previously encrypted. Given Meta already mines private AI chats for ad targeting, this is a moment to seriously rethink which platform you use for sensitive conversations.
Stay ahead of threats with GOCO Security at gocosecurity.com.
.jpg)
Comments
Post a Comment