Faith-Based Daily Awareness Post 8 May 2026

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

The Canvas Hack Is a New Kind of Ransomware Debacle

An alleged cyberattack carried out by the hacking group ShinyHunters disrupted the widely used learning management platform Canvas, affecting thousands of schools and universities during a critical end-of-semester period. According to reporting from WIRED, the attackers claimed to have stolen data tied to nearly 9,000 educational institutions, including names, email addresses, student ID numbers, and internal messages exchanged on the platform. The incident forced Canvas into maintenance mode after login pages at some universities were reportedly defaced with ransom messages demanding negotiations before a May 12 deadline. Institutions such as Harvard University, Columbia University, and Rutgers University experienced outages and disruptions during finals and assignment submissions. Instructure, the company behind Canvas, stated there was no evidence that passwords, financial information, or government IDs were compromised, but cybersecurity experts warned the stolen communications and identity data could still fuel phishing campaigns and extortion attempts. Analysts also noted the attack reflects a growing trend of cybercriminal groups targeting education technology providers because of their massive, centralized data stores and the operational pressure schools face to restore systems quickly.

Analyst Comments: The Canvas breach linked to ShinyHunters is especially relevant for faith-based schools because they rely heavily on shared platforms and often have smaller cybersecurity teams. Even though sensitive financial data wasn’t confirmed as exposed, stolen student identities, emails, and internal communications can still be used for phishing and impersonation attacks.

Faith-based schools are typically higher-risk for follow-on targeting because attackers can exploit trust-based communication patterns such as messages framed as administration notices, tuition updates, or community announcements. The timing during academic periods also increases disruption potential, since schools may quickly shift to informal communication channels that are easier to spoof.

Related Articles:

• Canvas Breach Disrupts Schools, Colleges Nationwide
• Harvard, MIT, Boston College among US universities reporting online outages amid cyber incident
• Canvas login portals hacked in mass ShinyHunters extortion campaign
• Hackers deface school login pages after claiming another Instructure hack

Louisiana Pastor Accused of Embezzling Over $300K From Church

Dale Sanders Sr., pastor of Fifth African Baptist Church and Second New Guide Missionary Baptist Church, has been indicted on federal charges alleging he embezzled more than $300,000 from one of the churches between April 2020 and April 2024. According to the Department of Justice, Sanders allegedly used a church debit card to withdraw cash and make purchases and is also accused of falsifying a 2023 contribution statement to obstruct a federal investigation. Prosecutors are seeking forfeiture of approximately $343,293 tied to the alleged offenses. Sanders has denied the allegations, stating in a Facebook video that he has never stolen from a church he pastored. He claimed he faced financial hardship after his salary was reduced and alleged, he had been protecting another unnamed individual connected to financial issues within the church. If convicted, Sanders could face up to 20 years in prison and fines up to $250,000.

Analyst Comments: This case highlights the ongoing financial and governance risks facing faith-based organizations, particularly when financial oversight, accountability measures, and internal controls may be limited or concentrated among a small number of trusted individuals. Houses of worship (HOWs) and religious nonprofits often operate with high levels of trust in leadership, which can create vulnerabilities if financial transactions, expense approvals, payroll, or debit card usage are not independently reviewed and routinely audited. Allegations involving misuse of HOWs funds can also create significant reputational damage, erode congregational trust, impact donor confidence, and generate legal or regulatory scrutiny regardless of the outcome of the case.

Faith-based organizations should ensure strong financial governance practices are in place, including dual authorization for expenditures, regular independent audits, separation of financial duties, transparent reporting to church boards, and clear documentation for compensation and reimbursement processes. Organizations should consider establishing procedures for reporting concerns internally and ensure financial oversight does not rely solely on personal relationships or informal processes.

World Passkey Day: Advancing passwordless authentication

In recognition of World Passkey Day, Microsoft highlighted its ongoing efforts to move users and organizations away from passwords and toward passkeys, which provide a more secure and phishing-resistant authentication method. The company emphasized that traditional passwords and weaker multifactor authentication methods remain highly vulnerable to increasingly sophisticated AI-powered phishing attacks. Passkeys, by contrast, use private cryptographic keys stored securely on a user’s device and require biometric verification or a PIN, making them significantly harder for attackers to steal or misuse. Microsoft noted that passkey adoption is rapidly increasing worldwide, with billions already in use and hundreds of millions of Microsoft users signing into services like Microsoft OneDrive, Xbox, and Microsoft Copilot using passkeys daily.

Analyst Comments: Microsoft’s expansion of passkey and password less authentication reflects the growing need for stronger protections against AI-powered phishing and credential theft attacks. By reducing reliance on traditional passwords and eliminating weaker recovery methods, organizations can better protect accounts, sensitive data, and internal systems from compromise. The focus on phishing-resistant authentication also highlights how attackers are increasingly targeting identity and account access rather than solely exploiting technical vulnerabilities.

This is especially relevant for faith-based organizations, which often rely on cloud-based communication, donation, and membership platforms but may have limited cybersecurity resources. Houses of worship and religious nonprofits remain attractive targets for phishing and account compromise due to the financial, personal, and operational information they manage. Implementing stronger authentication measures such as passkeys can help reduce the risk of fraud, unauthorized access, and disruptions to ministry operations.