SINGAPORE: Educational institutions in Singapore are assessing the impact of a recent cyberattack that knocked down learning tool Canvas, even as the platform has since been restored.

The hacking group ShinyHunters claimed responsibility for the breach, saying in a May 3 post on its website that it had stolen data related to nearly 9,000 schools worldwide that included student names, email addresses and private messages between students, teachers and other staff.

Canvas, developed by US-based education technology firm Instructure, is widely used by universities and schools to manage coursework, assignments and communication.

The National University of Singapore (NUS), Singapore University of Social Sciences (SUSS) and the Singapore Institute of Management (SIM) were among those affected by the outage.

In a statement, NUS said it is working with Instructure to assess the impact of the data breach.

"Operational impact is assessed to be minimal as the current semester has concluded and all examinations have ended," an NUS spokesperson told CNA on Saturday (May 9).

"We have in place backup and business continuity processes to ensure downstream activities such as marking and grading proceed unaffected."

NUS said it has also reminded students to stay vigilant to any suspicious messages, and not to disclose any personal information or login details if contacted by suspicious people on various channels.

SUSS similarly said it is working closely with Instructure to assess the impact. Access to Canvas has been restored, and there has been no significant disruption to SUSS’ overall operations, the university said on Saturday.

As a precaution, SUSS has advised users to remain vigilant against phishing attempts and to strengthen account security, including changing passwords and enabling multi-factor authentication where available.

“We are also reviewing relevant access controls and security configurations in line with recommended security measures,” it added.

SIM said on Friday that it is closely monitoring the situation with Instructure.

In the meantime, SIM said it will put in place temporary arrangements such as sending Zoom lesson links directly to students, while deadlines for quizzes and assignments may be extended due to the outage.

"SIM’s cyber posture remains sound," it said. "At this time, there is no evidence that SIM ...