As per reports, the following are the latest updates regarding the cybersecurity breach in Instructure, for which ShinyHunters took responsibility, as of Tuesday (05 May):

• The Chief Information Security Officer Steve Proud stated that staff are working to determine the full scope of the breach and minimize any lingering impact.
• Preliminary findings suggested the incident was caused by a “criminal threat actor” and may have involved the exposure of user-identifying information such as names, email addresses, student identification numbers, and user-to-user messages. However, he added that there was no evidence that passwords, dates of birth, government-issued identifiers or financial information were compromised.
• While Instructure has not publicly identified the criminal threat actor, several security researchers confirm that this was done by ShinyHunters.