They could but also why would they?

They can always just hack them again but with a different method this time.

The ransom doesn't bind them from hacking the company multiple times. It just obligates them to destroy the data they collected from this attack.

As a matter of kindness and good business they'll probably wait a few months or a year or so before poking around again but they'll almost certainly continue poking at Instructure's systems.

Data exfil ransom attacks are a business first and foremost. They don't permanently halt or destroy the original infra and their goal is to get a payout for their labor and move on. Maybe the come back around in the future with another, different attack, maybe they don't.

They made their money and made it big in the news as having complied with the ransom payout, no reason to hurt their reputation trying to double dip. Plenty of other soft targets to poke.