Welcome to the first ever Indigo Privacy Monday News — one story, every Monday, real and relevant.
What happened
A hacking group called ShinyHunters stole 6.65 terabytes of data from Canvas — the learning platform used by 30 million students.
Data from nearly 9,000 schools worldwide was taken. The hackers then published a list of 1,400 schools — specifically inviting them to pay up before the data goes public. The FBI is involved. Some schools have already negotiated directly with the hackers.
What was taken: student names and email addresses, student ID numbers, and private messages between students and teachers.
Why it matters
Breached emails don't just disappear. They end up on data broker sites — fueling spam, phishing, and robocalls tied to information you never chose to share.
That's the cycle this newsletter exists to help you break.
What to do now
🔑 Change your Canvas password
Takes 30 seconds. Do it today.
🎣 Watch for phishing emails
The hackers have real message content. A fake email from a "teacher" or "classmate" could look completely real. Verify before clicking anything.
👨👧 Parents: warn your kids
Scammers may impersonate classmates or teachers using stolen messages. Give your kids a heads-up before a convincing fake lands in their inbox.
🔍 Check if your school is affected
Search your district name + "Canvas breach" — the full list of 1,400 schools is public.
Up next
On Wednesday, we'll walk through Have I Been Pwned — a free tool that shows every breach your email has appeared in.
That's a good place to start.
Tired of news that feels like noise?
Every day, 4.5 million readers turn to 1440 for their factual news fix. We sift through 100+ sources to bring you a complete summary of politics, global events, business, and culture — all in a brief 5-minute email. No spin. No slant. Just clarity.