ATLANTA — Cyber criminals have hacked software that students and teachers use in school daily, and a local cyber security expert sent a warning to parents.
“This is a really good opportunity for parents to really step up and help defend their children and educate them,” said Patrick Kelley.
Thousands of students and teachers across the country learned Thursday that cyber criminals hacked an app students and teachers use to send messages and homework assignments.
“If they see text messages for a request for their information or photos or anything of a personal nature, they do not need to engage,” said Kelley.
Kelley said he’s seen the ransom note sent to a company called Instructure.
[DOWNLOAD: Free WSB-TV News app for alerts as news breaks]
The criminals who sent it posted it on the dark web.
“The notification actually came across yesterday morning,” said Kelley.
He said the online attackers told Instructure they breached its Canvass software and obtained student and teacher e-mail addresses, passwords and private messages. The criminals threatened to post that information on the dark web for anyone to access if Instructure did not pay a ransom.
“It gets rather serious very quickly,” said Kelley.
He is concerned someone could obtain sensitive student information in the private message portal of the app. He said they could then use it to try to contact the child and obtain more personal information.
“If that’s used to bully the student, or if it’s used in someway that puts lives at risk, then the school could be held liable,” said Kelley.
He said Instructure could be liable as well.
The company posted an update online Thursday evening that said the applications under attack are in maintenance mode.
Channel 2 Action News reached out to local schools and universities to find out which ones use the software under attack.
Cherokee County School District responded Thursday evening with a letter it sent to families. That letter said it has stopped all access to Canvas until further notice.
“The vendor has communicated that basic user data, such as names and email addresses, and internal messages may have been accessed,” said Chief Communications Officer Barbara Jacoby. “Student grades were not accessed, nor were passwords.”
Fulton County Schools responded Thursday evening as well. A spokesperson said technical teams are conducting a review to determine the specific impact on the district, Canvas remains operational and the district is monitoring the situation.
[SIGN UP: WSB-TV Daily Headlines Newsletter]
©2026 Cox Media Group
