ShinyHunters Breach of Instructure Canvas LMS 📚✏️: Lessons for SOCs on Third-Party Vendor Risks

ShinyHunters Breach of Instructure Canvas LMS 📚✏️: Lessons for SOCs on Third-Party Vendor Risks

From Secure AF - A Cybersecurity Podcast by Alias Cybersecurity

May 20, 2026 · 5 min

About this episode

This episode discusses the ShinyHunters breach of Instructure's Canvas LMS and its implications for security teams regarding third-party vendor risks.

Got a question or comment? Message us here! In this episode of the #SOCBrief, we break down the ShinyHunters breach of Instructure’s Canvas LMS and what it means for security teams everywhere. From exploiting a lesser-monitored service to exfiltrating millions of records, this attack highlights the growing risk of third-party vendors and supply chain exposure. We walk through how the breach unfolded, key indicators of compromise, and the practical steps SOC teams can take to detect, mon...

People in this episode

Host: Alias Cybersecurity

Topics covered

  • cybersecurity
  • third-party vendor risks
  • supply chain exposure
  • data breach
  • security operations center

Keywords

  • ShinyHunters
  • Instructure
  • Canvas LMS
  • data breach
  • third-party risks
  • security teams
  • indicators of compromise

Mentioned in this episode

Organizations: Instructure, ShinyHunters

Products: Canvas LMS

More episodes of Secure AF - A Cybersecurity Podcast

Explore listener stats, chart rankings, contacts and more on the Secure AF - A Cybersecurity Podcast podcast page.