Students nationwide struggled amidst the security breach from Thursday through Sunday

By Gloria Hubbell Corena

Editor-in-Chief

Students at College of Marin were forced to navigate uncertainty after Canvas went offline around 1 p.m. Thursday, during a cybersecurity incident affecting schools connected to the platform. Over the weekend, schools began restoring access, with College of Marin regaining access Sunday afternoon.

The college used reassuring language throughout the incident. In Updates sent to students, COM officials said the school was taking a “cautious and thorough approach” before restoring broad access to Canvas, emphasizing that the priority is in protecting students, employees, and institutional data. The college also warned students to be on the alert for phishing scams or suspicious emails related to the breach.

Many professors reached out directly to reassure students, extend deadlines, and provide alternative ways to access assignments and course materials. One dedicated professor emailed concerned students at 1:20 a.m to reassure the class that accommodations would be made while systems were down. Most reports indicated that professors across all departments attempted to ease stress and concerns. “Don’t worry,” “We are in this together,” and “We will figure this out together” were common sentiments included in emails students received over the past several days, including up until Sunday when access was restored.

For students, however, the outage created stress during a critical point in the semester. Several students described repeatedly checking Canvas, worried about missed assignments, upcoming exams, and finals. Despite reassurance from professors, students were consumed by the impending fear of the unknown as finals and deadlines quickly approached.

“I don’t know what I’m going to do. I am so stressed,” one student reported.

Another student wrote, “I keep checking Canvas to see if it’s back up. Maybe I should stop because it’s only stressing me out more.”

and “I planned my work and other schooling around the deadlines that I had, extensions will help with those grades, but make everything else more complicated.”

Luckily, these students felt the relief regaining access on Sunday.

“I have so much homework to do now, but YAY! I was so freaked out,” sent in one student.

Online posts attributed to the cybercrime group ShinyHunters have claimed responsibility for the breach affecting Instructure, the company behind Canvas, though many details surrounding the incident remain unconfirmed publicly.

Editor-in-Chief Corena was working on Canvas when this message popped up, Thursday at 1 pm

The notorious collective didn’t just strike in the dark of night; they allegedly reached out to the company multiple times before the full-scale attack. According to rumors and recent dark web postings, the group claimed they tried to “resolve” the issue with Canvas parent company, Instructure, as early as April 2026, but were ignored, leading them to deface login pages with a ransom demand and a May 12 deadline. This bold, confrontational style is a ShinyHunters trademark. They are the same group linked to the massive 2024 AT&T breach, where the telecom giant reportedly paid a $370,000 ransom in Bitcoin to have the stolen data of 110 million customers deleted.

College of Marin restored full Canvas access on Sunday afternoon.

College of Marin posted several updates over the weekend, urging students not to click on any links or attachments and not to respond to emails containing threats or demands. They encourage changing passwords to something strong and enabling multi-step authentication. Please report any suspicious activity to [email protected]