Canvas Hack
Famous Breaches
Cybersecurity Terms
Social Engineering
Hacking Techniques
100

The group that is responsible for the 2026 Canvas breach is:

ShinyHunters

100

Hackers stole credit card data from millions of holiday shoppers at this retailer in 2013

Target

100

The general term for any software designed to harm or gain unauthorized access to a system

Malware

100

Someone sends an email pretending to be someone you trust

Phishing

100

This attack tries every possible password until the hacker finds the right one

Brute Force Attack

200

A type of attack that demands money to prevent stolen data from being released

Ransomware / Extortion

200

This social media company had 87 million users' data harvested without consent by a political consulting firm

Facebook

200

This login method requires you to verify your identity in 2 different ways

2FA

200

A phishing attack aimed at one specific high-profile target, like a CEO

Spear Phishing 

200

This type of malicious code is hidden inside a normal-looking program to trick you into running it

Trojan Horse

300

This company owns Canvas

Instructure

300

ShinyHunters previously breached this live music and ticketing giant, exposing 560 million customers' data

Ticketmaster

300

This attack floods a server with so much traffic that it crashes and goes offline

DDoS Attack

300

An attacker leaves a malware-loaded USB in a parking lot, hoping someone plugs it into their computer. This is called: 

Baiting

300

This software secretly records every key you type to steal passwords

Keylogger

400

This was the deadline given for when the ransom had to be paid before the data was leaked (hint, it's a specific date)

Before May 12th

400

In 2013, this search engine had all 3 billion of its user accounts compromised

Yahoo

400

A network of secretly infected computers, all controlled by one hacker

Botnet

400

ShinyHunters used this phone-based trick to breach Instructure's systems

Vishing (Voice Phishing)

400

Scanning a network to find open ports that might be vulnerable is called this:

Port Scanning

500

Beyond names and emails, hackers stole the students' communications - including sensitive messages about mental health and medical issues. What is the term for what was stolen?

Private Messages

500

This credit reporting agency exposed the Social Security numbers of 147 million Americans in 2017

Equifax

500

When a hacker secretly intercepts messages between 2 people without either of them knowing

Man-in-the-Middle Attack

500

A hacker pretends to be IT support to get an employee's password. This technique is called:

Pretexting

500

This type of attack exploits a software vulnerability that the developer doesn't know about yet, giving hackers a head start before any patch exists. This is called a:

Zero-Day Attack

M
e
n
u