Quercus is down at U of T following a breach of its parent company Instructure, by the cybercriminal group ShinyHunters. ShinyHunters has been involved in large-scale data breaches and claimed responsibility for the attack, writing that it had stolen 275 million individuals’ data “ranging from students, teachers, and other staff.”
Last Friday, May 1, Instructure disclosed that it was investigating a cyberattack, later revealing it had suffered a data breach.
A message was posted on Quercus by ShinyHunters, again confirming it was behind the attack. The message reads:
“ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us and did some “security patches”… If any of the schools in the affected list are interested in preventing the release of their data, please consult with a cybersecurity advisory firm and contact us privately at TOX to negotiate a settlement. You have till the end of the day by 12 May 2026 before everything is leaked. Instructure still has until EOD 12 May 2026 to contact us.”
In an email to The Varsity, a spokesperson for the university wrote, “Community updates are being provided at uTogether and the ITS System Status page” but did not comment on how the university will respond to the May 12 deadline.
Quercus has been down since approximately 4:30 pm.
