Education institutions affected by Canvas hacking

已複製連結

The e-learning platform Canvas has been hacked, affecting multiple educational institutions in Hong Kong. The Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) said it has contacted the affected institutions and can offer assistance.

The Centre noted that it became aware of the incident earlier this month, when the online teaching platform Canvas was breached by hackers calling themselves ShinyHunters. The hackers demanded a ransom from the platform. The Centre had already warned local institutions to take precautions.

The incident has affected around 9,000 educational organisations worldwide. In Hong Kong, at least five institutions and organisations — including PolyU and the Hong Kong Institute of Construction — have been impacted, with data of over 45,000 students and staff leaked. The leaked information initially includes names and email addresses. The Centre described Hong Kong as an "affected party", and said it is working with the Digital Policy Office to follow up. It also reminded teachers and students at affected institutions to be vigilant, as the hackers may attempt "secondary fraud".