275 million student records. One vendor. One breach. This is why Division-Managed AI environments are not optional – they are the only architecture that keeps your data from ending up on a leak site
According to Malwarebytes the security firm, Instructure, the company behind the Canvas learning management system (LMS), confirmed a cyber incident and subsequent data breach affecting its cloud‑hosted environment. The ShinyHunters ransomware group claims it is behind the attack and says it stole roughly 275 million records tied to students, teachers, and staff.
Canvas, the platform at the center of this breach, can be hosted locally on division-managed infrastructure. In that configuration, the data never touches Instructure’s cloud. It stays inside the building, under the division’s control, with no external vendor holding the keys. That is what Division-Managed AI environments look like in practice.