Read the full article on KETV 7
A major cybersecurity breach for the online education platform Canvas, used by schools and universities across the country, created chaos Thursday as students tried to study for finals.Canvas is widely used by higher education institutions, with tens of millions of users worldwide. Students and staff at the institutions use the internet-based education portal that allows students and educators to communicate, do coursework and more.Related video above: Nebraska, Creighton report security incident affecting learning management systemA threat message posted online by a group calling itself “ShinyHunters” claimed responsibility for breaching Instructure, the company behind the Canvas learning management system, and threatened to leak data tied to affected schools unless contacted by May 12, 2026.The threat message was also visible to some students when they logged in to Canvas.The message, which references “affected schools” and a file allegedly containing a list of institutions, has circulated online as schools across the country respond to the incident.Instructure said it detected unauthorized activity on April 26 and “immediately revoked the unauthorized party’s access” and started an investigation. Instructure on Thursday identified additional unauthorized activity tied to the same incident.”The unauthorized actor made changes to the pages that appeared when some students and teachers were logged in through Canvas. Out of caution, we temporarily took Canvas offline into maintenance mode to contain the activity, investigate, and apply additional safeguards,” a spokesperson said.Instructure also said that the unauthorized actor carried out the activity by exploiting an issue related to its Free-For-Teacher accounts.”As a result, we have made the difficult decision to temporarily shut down Free-For-Teacher accounts. These accounts have been a core part of our platform, and we’re committed to resolving the issues with these accounts. In the meantime, Canvas is fully back online and available for use.”In a status update late Thursday, Instructure said Canvas was available again “for most users,” but a number of schools had already extended deadlines and shuffled finals schedules because of the hack.Universities and school districts quickly began notifying students and parents when the outage began.“This is being reported as a national-level cyber-security incident,” the director of information technology at the University of Iowa’s College of Public Health wrote in announcing that the school’s online system was down. “Hopefully we will have a resolution soon.”Virginia Tech acknowledged in a notice to students that the administration was aware of the effect on final exams and other end-of-semester activities. The University of New Mexico sent a similar message to the campus community, and the University of Florida urged students to stay alert for any phishing messages that appear to be from Canvas.Teachers say they are having to find workarounds to help students study for exams and submit final assignments.Damon Linker, a senior lecturer in the political science department at the University of Pennsylvania, said in a post on the social media platform X that his students had been relying on Canvas to access every reading from the semester and all of his lecture slides before their Monday final exams. The outage leaves students and faculty “dead in the water here in academia right now,” he said.The student newspaper at Harvard reported that the system there was down as well. Students at Johns Hopkins University simply got an error message when trying to view their final grades on the platform Thursday. And public school districts also sought to reassure parents, with officials in Spokane, Washington, writing that they aren’t “aware of any sensitive data contained in this breach.”Some schools, such as the University of Texas at San Antonio, announced they were pushing back finals scheduled for Friday in response to the outage.It’s unclear exactly what data may have been exposed, but according to multiple news reports — as well as messages sent to students and staff at some of the schools — the potentially exposed information may include names, email addresses, student ID numbers and user messages.Social Security numbers, passwords, and usernames were likely not exposed, according to multiple reports and statements from multiple different educational institutions that have been impacted by the situation.Colleges and universities are urging students and employees to remain alert for phishing emails and other suspicious communications in the wake of the incident, and are cautioning that they will never ask for passwords, Social Security numbers, birthdates or bank account information through email, text or phone calls. Updates on the status of Canvas can be found here. ____The Associated Press contributed to this report
A major cybersecurity breach for the online education platform Canvas, used by schools and universities across the country, created chaos Thursday as students tried to study for finals.
Canvas is widely used by higher education institutions, with tens of millions of users worldwide. Students and staff at the institutions use the internet-based education portal that allows students and educators to communicate, do coursework and more.
Advertisement
Related video above: Nebraska, Creighton report security incident affecting learning management system
A threat message posted online by a group calling itself “ShinyHunters” claimed responsibility for breaching Instructure, the company behind the Canvas learning management system, and threatened to leak data tied to affected schools unless contacted by May 12, 2026.
The threat message was also visible to some students when they logged in to Canvas.
The message, which references “affected schools” and a file allegedly containing a list of institutions, has circulated online as schools across the country respond to the incident.
Instructure said it detected unauthorized activity on April 26 and “immediately revoked the unauthorized party’s access” and started an investigation. Instructure on Thursday identified additional unauthorized activity tied to the same incident.
“The unauthorized actor made changes to the pages that appeared when some students and teachers were logged in through Canvas. Out of caution, we temporarily took Canvas offline into maintenance mode to contain the activity, investigate, and apply additional safeguards,” a spokesperson said.
Instructure also said that the unauthorized actor carried out the activity by exploiting an issue related to its Free-For-Teacher accounts.
“As a result, we have made the difficult decision to temporarily shut down Free-For-Teacher accounts. These accounts have been a core part of our platform, and we’re committed to resolving the issues with these accounts. In the meantime, Canvas is fully back online and available for use.”
In a status update late Thursday, Instructure said Canvas was available again “for most users,” but a number of schools had already extended deadlines and shuffled finals schedules because of the hack.
Universities and school districts quickly began notifying students and parents when the outage began.
“This is being reported as a national-level cyber-security incident,” the director of information technology at the University of Iowa’s College of Public Health wrote in announcing that the school’s online system was down. “Hopefully we will have a resolution soon.”
Virginia Tech acknowledged in a notice to students that the administration was aware of the effect on final exams and other end-of-semester activities. The University of New Mexico sent a similar message to the campus community, and the University of Florida urged students to stay alert for any phishing messages that appear to be from Canvas.
Teachers say they are having to find workarounds to help students study for exams and submit final assignments.
Damon Linker, a senior lecturer in the political science department at the University of Pennsylvania, said in a post on the social media platform X that his students had been relying on Canvas to access every reading from the semester and all of his lecture slides before their Monday final exams. The outage leaves students and faculty “dead in the water here in academia right now,” he said.
The student newspaper at Harvard reported that the system there was down as well. Students at Johns Hopkins University simply got an error message when trying to view their final grades on the platform Thursday. And public school districts also sought to reassure parents, with officials in Spokane, Washington, writing that they aren’t “aware of any sensitive data contained in this breach.”
Some schools, such as the University of Texas at San Antonio, announced they were pushing back finals scheduled for Friday in response to the outage.
It’s unclear exactly what data may have been exposed, but according to multiple news reports — as well as messages sent to students and staff at some of the schools — the potentially exposed information may include names, email addresses, student ID numbers and user messages.
Social Security numbers, passwords, and usernames were likely not exposed, according to multiple reports and statements from multiple different educational institutions that have been impacted by the situation.
Colleges and universities are urging students and employees to remain alert for phishing emails and other suspicious communications in the wake of the incident, and are cautioning that they will never ask for passwords, Social Security numbers, birthdates or bank account information through email, text or phone calls.
Updates on the status of Canvas can be found here.
____
The Associated Press contributed to this report
