// Alert

Canvas threat report

Canvas, the Instructure-owned learning management system, was the subject of a hack disclosed in early May 2026 that exposed data from nearly 9,000 schools, including personally identifying information. Reporting frames the incident as part of a broader pattern of edtech breaches affecting student and staff records. Specific attack vectors, threat actor attribution, and the full scope of compromised data have not been detailed in this coverage. Schools using Canvas should monitor for official Instructure advisories, review account activity, and prepare for potential notification obligations. Severity is rated HIGH given the confirmed large-scale exposure of personal data across thousands of institutions.

// Get alerts for Canvas