WASHINGTON – The developer of Canvas, widely used by US institutions for grades and class materials, issued an apology after a hack that ​blocked students from accessing the education tool and involved student data being stolen by a cybercriminal hacking group.

“I’ll start where I should: with an apology,” Mr Steve Daly, the chief executive officer of Canvas’ parent company Instructure, said in a blog post on May 11.

ShinyHunters, a hacking group known for data theft and extortion campaigns targeting major global companies, ‌said in a May 3 post on its website that it had stolen roughly 6.65 terabytes of Canvas data.

The data, linked to nearly 9,000 schools worldwide, included student names, e-mail addresses and private messages between students, teachers and other staff, the group added.

Student newspapers across the United States reported last week the hack caused widespread disruption as students prepared for end-of-year tasks ​and assignments.

The software is used by schools for class assignments and information sharing, as well as messaging between students and school ​faculty.

The Instructure CEO said Canvas “is fully operational and remains safe to use”.

“Over the past few days, many of you dealt with real disruption. Stre...