// CanvasHIGH
Canvas, the Instructure-owned learning management system, was the subject of a hack disclosed in early May 2026 that exposed data from nearly 9,000 schools, including personally identifying information. Reporting frames the incident as part of a broader pattern of edtech breaches affecting student and staff records. Specific attack vectors, threat actor attribution, and the full scope of compromised data have not been detailed in this coverage. Schools using Canvas should monitor for official Instructure advisories, review account activity, and prepare for potential notification obligations. Severity is rated HIGH given the confirmed large-scale exposure of personal data across thousands of institutions.
- Canvas hack exposes schools’ vulnerability to cyberattacks - The(opens in a new tab)
- Canvas hacked: Major data breach impacts schools across US(opens in a new tab)
- What the Canvas cyber breach means for Australia’s schools | The(opens in a new tab)
- Canvas breach highlights growing risks of digital dependence in (opens in a new tab)
- What to do after Canvas data breach: Wisconsin DATCP issues cons(opens in a new tab)
// Get alerts for Canvas