Online instructional services for the Contra Costa Community College were abruptly interrupted May 7 by hackers with a message threatening to release personal data.
Los Medanos College art Professor Eric Sanchez was teaching his design drawing class when the college’s Canvas instructional software went down. When he attempted to access his online course modules, Sanchez was met by a black screen with a message outlined by a red border threatening release of data if a “settlement” could not be negotiated.
“I was going to be showing prompts we were working on for our final projects,” said Sanchez who described the moment as shocking. “In my head I was like ‘Did we just get hacked?’”
He then rushed to inform nearby students and faculty about the breach.
Educational technology company Instructure — parent company to Canvas — experienced a breach affecting college institutions nationwide. 4CD members logging into Canvas were met with a ransomware message as they tried to access their courses in Canvas.
Canvas, the online instruction program used by professors to store and assign course materials to students, is widely used across the nation.
The cyberattack was claimed by criminal hacker group, ShinyHunters, who in the ransomware message claimed that affected schools “have till the end of the day by 12 May 2026 before everything is leaked.”
According to multiple reports nationwide 9,000 schools across the country were affected by the breach threatening to release institutions’ data, including student information. The system went down at around 1 p.m. While the website was inaccessible via browser in the early afternoon, the app was still functioning for a short time before also experiencing technical difficulties about an hour later.
The district sent out a message shortly after the outage notifying the campus community of the interruption.
“We are actively monitoring the situation and will share updates as soon as we receive additional information from Instructure.” according to an email from the district’s acting IT director, Katherine Ogden.
The hackers’ message was also shortly changed to a Canvas landing page announcement that read, “Canvas is currently undergoing scheduled maintenance. Check back soon.”
At least some colleges have reported they were notified as early as Monday, though it is unclear if 4CD knew in advance that Canvas services could be interrupted.
The security office for California Community Colleges, the statewide governing body of community colleges, publicly acknowledged it knew of the possible data breach on its website starting May 1, and continued to release public updates throughout the following week.
In a message sent to students across the district, 4CD IT services said “we were made aware earlier this week of reports regarding a cybersecurity incident affecting Instructure.” According to the District IT services, Instructure and the CCC security office “communicated that any risk had been contained and managed and no action was required from faculty, staff, or students.” after reporting the initial concerns.
Jennifer Ortega, district director of communications and community relations, referred the Experience to the CCC’s security office website.
Canvas services has since been made fully functional as classes continue.
