Cyber: Breaking: US govt seeks Instructure testimony on massive Canvas cyberattack
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company’s Canvas platform, allowing threat actors to steal student data and disrupt schools during final exams.

In a letter sent Monday afternoon to Instructure CEO Steve Daly, Homeland Security Committee Chairman Andrew R. Garbarino said the committee is investigating the massive breach at Instructure that impacts millions of students.

"The Committee on Homeland Security (Committee) is investigating the concerning reports related to recent cybersecurity incidents affecting Instructure Holdings, Inc. and the tens of millions of students, educators, and administrators who rely on its Canvas learning management platform," reads the letter. "Within the span of one week, the cybercriminal group known as ShinyHunters breached Instructure twice."

As first reported by BleepingComputer, Instructure disclosed on May 3 that it had suffered a breach. The company later confirmed it detected the intrusion on April 29 after threat actors compromised its systems and stole data belonging to students and school staff using Canvas.

The company said the exposed information included names, email addresses, student identification numbers, and messages exchanged between students and teachers on the platform. However, the data did not include passwords, financial information, or government identifiers.

On May 3, the ShinyHunters extortion gang claimed responsibility for the attack, telling BleepingComputer that they stole 280 million data records from 8,809 colleges, school districts, and online education platforms. The threat actor shared a list of impacted education organizations, with stolen record counts ranging from tens of thousands to several million for each institution.
Source: BleepingComputer