Colleges hit in cyberattack by group behind Canvas breach, Google says

Higher Ed Dive

Laura Spitalniak

June 12, 2026

The cybercrime group ShinyHunters targeted Oracle’s PeopleSoft software and may have gained access to data at more than 100 organizations, according to a Thursday report.

Dive Brief:

• Dozens of higher education institutions may have been hit by another attack from the cybercrime group behind the May hack against Canvas, according to the Google Threat Intelligence Group and cybersecurity firm Mandiant.

• From May 27 and June 9, the group ShinyHunters potentially gained access to the systems of over 100 organizations by targeting the Oracle PeopleSoft software suite. A majority of them are based in the U.S., and 68% are within the higher education sector, GTIG and Mandiant said in a post Thursday.

• ShinyHunters twice gained unauthorized access to Instructure’s Canvas learning management system last month, disrupting final exam season at colleges nationwide.

CONTINUE READING