Instructure, the company behind the widely used school information platform Canvas, said Tuesday that it has “reached an agreement” with the hackers responsible for two breaches of its systems that led to the theft of vast amounts of student and staff data and disrupted thousands of schools.

The financially motivated cybercrime group ShinyHunters claimed responsibility for the April 29 breach, alleging it stole personal information belonging to 275 million students and staff.

The group said it had infiltrated Canvas, which is used by nearly 9,000 schools to manage student records and coursework.

The hackers breached the company again last week, defacing Canvas login pages on school websites in an apparent bid to pressure Instructure into paying a ransom.

In an update posted late Monday, Instructure said it had reached an agreement under which the hackers provided evidence that the stolen data had been destroyed and that Canvas customers would not face extortion attempts.

The company cautioned that there is “never complete certainty” when negotiating with cybercriminals, but said customers should not need to engage with the attackers directly.

Financial terms of the agreement were not disclosed, and Instructure did not reveal whether any payment was made to the hackers.

Company spokesperson Brian Watkins declined to comment beyond the official statement or respond to further questions about the deal when contacted on Tuesday.