What you’ll learn

• How the ShinyHunters x Canvas breach unfolded—and why vendor-managed infrastructure can bypass campus security controls

• What data was exposed (beyond “big numbers”) and how attackers use it to run highly targeted, credible social engineering in higher ed

• Why knowledge-based verification (KBV) and traditional help-desk account recovery break down at scale after an enrollment/PII leak

• How centralized identity “honeypots” create systemic risk, and what a more resilient identity architecture looks like

• The foundational controls that reduce blast radius after vendor compromise: phishing-resistant passkeys, verified identity for recovery, and stronger identity proofing to stop fraud at enrollment