Instructure has confirmed a data breach affecting its Canvas learning management platform that impacted educational institutions globally. The company stated it reached an agreement with the unauthorized actor that resulted in the return and destruction of the accessed data. Affected organizations include Pittsfield Public Schools in Massachusetts, where secondary student progress reports were among the data exposed, and Singapore government-supported institutes, where the Ministry of Education said no sensitive data appears to have been leaked. The full scope of impacted institutions and data categories has not been disclosed, and Instructure is continuing to notify affected customers. Institutions using Canvas should review notifications from Instructure and assess any downstream exposure of student or staff records.
- Pittsfield Public Schools says secondary progress reports impact(opens in a new tab)
- No sensitive data leaked in global Canvas learning platform brea(opens in a new tab)
- No sensitive data leaked in global Canvas breach, Singapore MOE (opens in a new tab)
- Canvas hack: Company pays criminals to delete students’ stolen d(opens in a new tab)
- The Canvas breach proved that prevention is no longer enough | C(opens in a new tab)
- Can You Trust a Hacker's Promise? The Reality Behind the Canvas (opens in a new tab)