KaufmanIT

Why the Recent Canvas Hack Was Arguably Good for Small Businesses

By Matthew Kaufman May 18, 2026
A otter in a forest stream scene holds a large shell branded with the Canvas logo, with a trail sign in the background.

Last week’s cyberattack against Canvas, the widely used learning management system, made headlines for good reason. According to multiple reports, attackers associated with the ShinyHunters extortion group claim to have stolen data tied to as many as 275 million users across nearly 9,000 schools worldwide, including students, teachers and staff. If that number holds anywhere close to true, it would place this incident among the largest education-related data breaches we’ve ever seen.

It’s a massive event, but it’s also an important reminder that not all cyberattacks are the same, and not all of them should be interpreted the same way by small and midsize businesses.

A high-impact, high-effort attack

Canvas is used by tens of millions of active users globally, including K–12 schools, universities and education ministries. That scale alone makes it an attractive target for sophisticated criminal groups looking for high leverage in an extortion campaign.

In this case, attackers reportedly exfiltrated terabytes of data, including names, email addresses, student ID numbers and private messages exchanged on the platform. While Canvas owner Instructure has stated there is no evidence passwords, financial information or government identifiers were exposed, the breadth of potentially sensitive communications significantly raises the stakes.

From a financial standpoint, the impact could be substantial. Large breaches like this often lead to a combination of incident response costs, legal fees, regulatory scrutiny and long-term reputational damage. While no total dollar figure has been publicly confirmed, incidents of this scale routinely reach into the tens or hundreds of millions of dollars when response and remediation are fully accounted for, especially in highly regulated environments like education.

Why this doesn’t reflect the typical small business threat

It’s understandable for business owners to see headlines like this and think, “If Canvas got hit, what chance do we have?”

The reality is, most small businesses are not targeted this way.

This Canvas incident appears to be the result of a deliberate, resource-intensive attack aimed at a single, high-value platform used across thousands of institutions. That is very different from the threats that typically small and mid-sized organizations.

For smaller businesses, cybercrime is usually a crime of opportunity, not orchestration.

Attackers are typically looking for:

  • Weak or reused passwords
  • Unpatched systems
  • Exposed remote access
  • Employees who are easy targets for phishing

In other words, they are scanning widely and moving quickly, not spending months crafting attacks against a specific company unless there is significant payoff.

The real takeaway for business leaders

The lesson here is not that “everyone is vulnerable to nation-state-level attacks.” It’s that scale and exposure matter.

Canvas was an attractive target because:

  • It supports millions of users
  • It aggregates vast amounts of sensitive information
  • A successful breach creates enormous leverage

Most small businesses simply do not present that kind of profile. That’s good news.

At the same time, the fundamentals still matter. Opportunity-based attacks succeed against even the smallest of businesses every day because basic controls are missing or inconsistently applied. Strong identity protection, MFA, patching, backup integrity and employee awareness still stop the overwhelming majority of real-world attacks we see affecting smaller organizations.

Perspective matters

Large, highly public breaches make for alarming headlines, but they can also distort how risk is perceived. Sophisticated attacks against global platforms are not the baseline. For most businesses, cybersecurity is less about stopping elite hacking groups and more about not being the easiest door on the block.

That’s where disciplined, practical security makes all the difference.

Get the IT Expertise You Deserve

Green Arrow Vector SVG (1)

You’re here now – why wait?

Find out why our award-winning team is also one of the fastest-growing technology providers in California.

Request a call today!

  • Map Icon

    20 Corporate Park Suite #350, Irvine, CA 92606

  • Phone Icon

    949.485.4070

  • Mail Icon

    info@kaufmanit.com

KaufmanIT-BIMI 5