A large-scale cyber-attack on a digital learning platform widely used across the United States has disrupted final exams, forcing universities and schools to scramble as students lost access to course materials during a critical exam period.
The platform, Canvas, went offline on Thursday after what cybersecurity analysts described as a coordinated attack. The outage affected thousands of educational institutions that rely on the system for assignments, lecture notes, grades, and exam preparation materials.
Students across the country quickly turned to social media to report issues accessing the system. Many said they were unable to view study materials needed for upcoming final exams, creating confusion and panic during one of the busiest academic periods of the year.
Several universities confirmed disruptions soon after the outage began. University of Texas at San Antonio announced that it was postponing some final exams scheduled for Friday due to the system failure.
Officials at multiple institutions described the situation as serious and warned students to expect delays or changes in exam schedules. Administrators also began sending urgent alerts to students and staff explaining the outage.
At University of Iowa, a senior IT official described the incident as a “national-level cyber-security incident” in a message to students and staff. The statement added that technical teams were working to restore services as quickly as possible.
Other universities, including Virginia Tech and the University of New Mexico, also acknowledged the disruption and warned that final exams and end-of-semester activities could be affected.
The University of Florida advised students to remain cautious, warning that phishing emails pretending to be from Canvas could appear during the outage.
Some professors said they were forced to quickly change their teaching plans. Without access to lecture notes, assignments, and grading tools, many instructors had to find alternative ways to distribute study materials.
In one example, a political science lecturer at the University of Pennsylvania said students were left unable to access course readings and slides ahead of final exams, describing the situation as a major disruption to academic work.
Reports from student newspapers also confirmed that institutions such as Harvard University experienced similar outages, while students at Johns Hopkins University received error messages when trying to access grades.
School districts also responded to concerned parents. Officials in Spokane, Washington, said they were not aware of any evidence that sensitive student data had been compromised during the attack.
Cybersecurity analysts said a hacking group known as ShinyHunters claimed responsibility for the incident. The group allegedly posted claims online suggesting that nearly 9,000 schools worldwide were affected.
Security researchers said the attackers may have accessed large volumes of private messages and academic records stored on the platform. However, these claims have not been independently confirmed.
Instructure, the company that operates Canvas, did not immediately respond to public requests for comment about whether the outage was caused by the attack or taken down as a precaution.
Cybersecurity experts say education systems have become increasingly attractive targets for hackers because they store large amounts of personal and institutional data. In recent years, several US school districts have been hit by similar cyber incidents, including attacks in Minneapolis and Los Angeles.
Analysts noted that digital learning platforms now hold sensitive student records, messages, and academic data that were previously stored in physical files. This shift has made schools more vulnerable to large-scale cyber threats.
Security experts compared the Canvas incident to a previous attack on another education platform, PowerSchool, which also suffered a major breach involving student data.
Researchers believe groups like ShinyHunters operate as loosely organized networks of young hackers who target large digital systems for financial gain or data theft. The group has previously been linked to other high-profile cyber incidents involving major companies.
Investigators are still working to determine the full scale of the breach and whether any student or institutional data was permanently accessed or leaked.
As schools work to restore access and adjust exam schedules, the incident has raised fresh concerns about the security of digital education systems and their growing role in everyday academic life across the United States.
