Instructure, the company behind the educational platform Canvas, has reached an agreement with cybercriminals to prevent the release of sensitive data stolen during a recent cyberattack. The breach affected numerous schools, students, and teachers, leading to temporary disruptions when Canvas was taken offline. This action followed after attackers defaced the login page, causing significant concern in the education sector. The ShinyHunters group, known for data theft and extortion, claimed responsibility for the attack, which involved 3.65 terabytes of data from 8,809 school systems. Instructure has not confirmed payment of a ransom but stated that they received digital confirmation of data destruction and reassurances that no further extortion would occur. The breach exposed usernames, email addresses, and enrollment information, though course content and credentials remained secure. The incident has drawn attention from lawmakers, prompting a request for a briefing on Instructure's response and coordination with federal agencies. Instructure has since enhanced security measures by revoking access tokens and deploying additional controls. The company insists that Canvas is now safe to use, although some users are still experiencing access issues as systems are restored.