86Trust
Verified
🔍 Web Verified
Zack WhittakeronMastodon5/9/2026
Edtech giant Instructure was hacked (twice) — and finally put up a security incident page after the mass-defacement of Canvas school login pages.
But you might not find the page because right now it has a "noindex" tag in the page's HTML code, which prevents it from being listed in search results.
The page is here, FYI: https://www.instructure.com/incident_update
Trust Metrics
92
88
70
85
Accuracy92%
Framing88%
Context70%
Tone85%
Analysis Summary
Instructure's Canvas platform was breached by the hacking group ShinyHunters, affecting thousands of schools and exposing at least 275 million user records — disrupting student access to coursework during final exam season. The company posted a security incident update page but used a 'noindex' meta tag to prevent it from appearing in search results, limiting public discoverability. Whittaker's observation about the noindex tag highlights a potential transparency issue — whether accidental or intentional, hiding the incident page from search engines reduces visibility when schools and affected users are actively seeking official guidance.
Claims Analysis (4)
“Instructure was hacked twice”
CNN, NYT, TechRadar all confirm breaches. ShinyHunters claims multiple incidents.
“Canvas school login pages were mass-defaced”
Confirmed by CNN, NYT, TechRadar, and WRAL reporting on widespread Canvas portal disruptions.
“Instructure put up a security incident page after the defacements”
Post links directly to incident_update page on Instructure.com; confirmed by news coverage referencing official response.
“The security incident page has a 'noindex' tag preventing search result listing”
Claim requires direct inspection of page HTML. Cannot independently verify from news coverage alone.
Was this analysis helpful?
Try ClearFeed free →