Another week, another massive breach. This time it's Instructure, the company behind Canvas, the learning management system used by over 8,000 schools worldwide. ShinyHunters, the same extortion gang that's been tearing through universities and cloud companies all year, claims to have walked away with student names, email addresses, and private messages between teachers and students. They say 275 million people are affected. Even if that number is inflated, which it probably is, the real number is still going to be enormous. And once again, we're left asking the same question we always ask after these breaches: how did this happen, and who's actually on the hook for it? The edtech trust problem Schools don't really choose platforms like Canvas the way a consumer picks an app. These decisions are made at the district or institutional level, often years ago, and once a platform is embedded in the daily workflow of every teacher and student, it becomes almost impossible to move away from.…