280 Million Student Records Stolen: What Parents Need to Do Now

What Happened

A hacker claims to have stolen personal information on 280 million students and staff members from Instructure, a major education technology company. The breach affected nearly 9,000 institutions that use Instructure's platforms, including Canvas, a learning management system used by schools and universities worldwide. This is one of the largest education data breaches on record, and your child's information may be included.

The Details

Instructure provides learning platforms that schools use for online classes, assignments, and grade tracking. The stolen data reportedly includes names, email addresses, phone numbers, physical addresses, and other personal information collected through these educational platforms.

The hacker posted samples of the stolen data on a dark web forum, claiming to have information spanning multiple years. While Instructure is still investigating the full scope of the breach, the sheer size means millions of families are potentially affected. The exposed information could be used for identity theft, phishing attacks, or social engineering scams targeting students and parents.

Children are particularly vulnerable to identity theft because the crime often goes undetected for years. Criminals can use a child's clean credit history to open accounts, take out loans, or commit fraud. Parents typically discover the theft only when their child applies for college financial aid or their first credit card.

Who Is Affected

If your child's school uses Canvas or other Instructure platforms, assume their information was exposed. This includes students from elementary school through college, as well as teachers and staff at affected institutions. The breach spans nearly 9,000 institutions across multiple countries.

Parents of children under 18 should be especially concerned. Your child's personal information combined with their lack of credit history makes them prime targets for identity thieves.

What You Should Do Right Now

1. Contact your child's school and ask directly if they use Instructure or Canvas platforms. Request confirmation about whether your child's data was affected and what steps the school is taking.

The Bigger Picture

Education institutions have become major targets for cybercriminals because they hold vast amounts of personal data with often limited security budgets. As schools increasingly rely on digital platforms for learning, these breaches will likely continue. Staying informed and taking proactive steps to protect your family's information is no longer optional. It's a critical part of modern parenting.

How GetCyberRight Can Help

Our Child Identity Theft Protection Guide walks you through the exact steps to freeze your child's credit, monitor for misuse, and respond if you discover fraud. The guide includes phone numbers, website links, and scripts for what to say to credit bureaus. It takes the guesswork out of protecting your child's identity, especially critical in the wake of breaches like this one.