Rutgers Exams Impacted After Canvas Cyberattack Raises Concerns Across Universities

Students at Rutgers University faced disruptions during the exam period after a major cybersecurity incident affected Canvas, a widely used online learning platform relied on by colleges and universities across the United States.

University officials confirmed that Rutgers was among the institutions impacted by a data breach connected to Instructure, the parent company behind the Canvas learning management system. The issue came to the university’s attention on Wednesday after officials were informed that Rutgers had been affected as part of a broader cyber incident involving thousands of schools worldwide.

According to reports cited by higher education officials, the criminal extortion group known as ShinyHunters claimed responsibility for the attack. The group allegedly targeted systems connected to Instructure and said the breach impacted nearly 9,000 educational institutions globally.

Canvas is one of the most widely used digital learning platforms in higher education and is utilized by approximately 41% of colleges and universities nationwide for online coursework, assignments, testing, and communication between students and faculty members.

Rutgers officials said there was no evidence that personal information had been stolen during the incident. However, the cyberattack still created significant operational problems during a critical academic period.

On Thursday, an unauthorized message reportedly appeared on the Canvas platform related to the breach. Around the same time, some users experienced limited or complete loss of access to the system, affecting students attempting to complete exams, upload assignments, and submit projects.

The timing of the disruption raised concerns because many students were in the middle of final assessments and coursework deadlines. University officials acknowledged that the interruption may have affected academic activities and said the institution was actively reviewing possible next steps as the situation continued to develop.

In a public statement, Rutgers said it understood that exams, project submissions, and other student efforts may have been interrupted due to the incident. The university also noted that thousands of institutions were managing similar disruptions connected to the broader cybersecurity event.

The incident has added to growing concerns about cyber threats targeting education technology systems. Over the past year, the ShinyHunters group has been linked to several high-profile cyber intrusions involving educational and technology-related organizations.

Reports previously connected the group to a breach involving Salesforce data that allegedly exposed customer records connected to multiple companies, including Instructure. Earlier this year, the group also claimed responsibility for attacks targeting Infinite Campus, a student information system used by K–12 schools, as well as publisher McGraw Hill.

As universities continue to depend heavily on digital learning tools, cybersecurity experts have warned that online education systems remain attractive targets for criminal hacking groups seeking to disrupt services or gain unauthorized access to institutional data.

Rutgers officials said additional updates would be shared with students, faculty, and staff as more information becomes available and the university continues to monitor the impact of the breach during the ongoing exam period.

Sources:

Rutgers University
Inside Higher Ed
Instructure Canvas