Throughout the past school year, almost all Algonquin students have been impacted by several data breaches, causing concerns about how student information is protected in the community.
The hacking group ShinyHunters infiltrated Infrastructure, the parent company of Canvas, on May 7, shutting down the educational platform for hours and allegedly gaining access to student information. Less than two months earlier, on March 29, almost all students received a legal notice alerting them that they might be eligible for compensation if they used Naviance at any time in the last five years. Furthermore, last October, the Massachusetts-based hacker who targeted Powerschool in Dec. 2024 was sentenced to four years in federal prison after releasing sensitive information of over 60 million students and 10 million educators.
The Canvas outage occurred in the midst of AP week, and according to an email sent out by the district’s technology department, the data released by the hackers may include “names, email addresses, school-assigned ID numbers and messages exchanged within Canvas.” Because of its universal usage across Algonquin, its impact was widespread.
“[The outage] was definitely something I wasn’t expecting,” junior Lily Bertonazzi said. “I kept seeing TikTok videos about it and how it fell on finals week for a lot of colleges too.”
Similarly, Naviance, a college-planning site which Algonquin used for two decades before switching over to SchooLinks this year, faced allegations that it had violated student privacy. This culminated in a $17.25 million settlement, specifically based on claims that Naviance had embedded third-party tracking software into its site, which captured and shared private student data without consent.
The details of these incidents have made students feel anxious about their online privacy.
“I’m hoping that nothing actually comes out of that [hacking],” senior Emily Ruiz said. “It’s obviously a little uncomfortable to know that my personal information that was put online that I trusted with Canvas could be hacked and used for other things.”
Students also stressed how these data breaches have occurred in sites that are used practically daily.
“Personally, I’m on Canvas all the time,” senior Mina Chung said. “I’m on Google all the time, and during junior year, I was on Naviance all the time. It’s just always things that we use on a day-to-day basis that should be, in my opinion, protected much better.”
School administrators said that protecting privacy is an important priority for them. Any application used by a student or endorsed by the school must comply with certain requirements set by the district.
“We take [student privacy] very seriously, and everything we adopt has to go through a series of checks and assurances that they are complying with our digital privacy requirement,” Principal Sean Bevan said.
In response to the Canvas outage, the technology department said that they are working with Instructure to understand the type of data involved.
“Protecting the privacy and security of student and staff information remains a high priority for our district,” they said in their statement.
Even before details about the settlement emerged, administrators felt shortcomings in Naviance and were looking to switch to another site.

“We felt like the career exploration component [of Naviance] wasn’t as robust as we wanted it to be,” head of guidance Lisa Connery said. “We were originally using Naviance for college admissions stuff, and then doing [a separate site], Pathful Explorer, for the career exploration component. We really wanted one system that could do both pieces well.”
The system chosen was SchooLinks, a platform that has pleased the Guidance Department and other administrators so far. Both administration and the Guidance Department deny any correlation between the lawsuit and the decision to part ways with Naviance.
“We actually became aware of the lawsuit when a parent reached out to us,” Connery said. “So one thing had nothing to do with the other.”
Algonquin students who used Naviance during the contested time frame can still use the settlement website to apply for compensation. However, the settlement does not shield Naviance, and other educational technology companies like Canvas from serious concerns about user privacy.
Although it appears that the Canvas hacking did not release things beyond basic student information and communications, companies often have access to highly sensitive information about students and their families. For example, in December 2024, hackers targeting Powerschool unearthed data including Social Security Numbers and health information about millions of students nationwide. Of course, protecting student privacy is a challenge for lawmakers.
“[Policymakers] want to strike the balance between allowing companies to innovate and to provide the best service for their customers, while at the same time maintaining individual protections for peoples’ rights and expectations of privacy,” AP Government teacher Brian Kellett said. “A lot of effort goes into informing yourself and educating yourself about what all of the different privacy policies that companies have are.”
Many students believe that more action needs to be taken to mitigate the risk of data breaches.
“I think it’s kind of a thing where these hackers are getting stronger in getting more information and being able to find loopholes,” Ruiz said. “So when those hackers are able to do that, then that means that we need to be able to find ways to protect ourselves even better.”
