Cybercrime group ShinyHunters have breached security at American ed-tech giant Instructure again, despite new measures to protect students’ personal data.

The group left a message on Canvas, an educational app widely used by students and lecturers, on Thursday night. Canvas was broken into earlier this week, affecting millions of students at educational institutions worldwide, including seven Dutch universities.

“ShinyHunters has breached Instructure (again). Instead of contacting us to resolve this, they ignored us and did some “security patches”, the message read. “Instructure didn’t fix all the vulnerabilities, we have more,” a spokesperson for the group told American paper The Daily Pennsylvanian.

The group had earlier set a deadline of May 8 for individual institutions to pay a ransom for the captured data. That has now been extended to midnight on May 12, with the group urging institutions to “contact a cyber advisory firm” to broker a deal.

The message disappeared shortly after to be replaced by a “scheduled maintenance” announcement by Instructure. According to the company’s latest update, Canvas is now “available to most users”.

Amsterdam’s VU university said on Thursday evening that it had decoupled all its links to the Canvas system following the hack.

Shinyhunters targeted telecom provider Odido earlier this year, making off with the personal data of millions of Dutch users.