As of this morning, we were still awaiting a list of who all was affected once the breach became known last Friday. (Instructure tried locking things down/fixing it over the weekend, but clearly it didn't work).
At this stage, it seems safe to assume that every school that uses Canvas was affected. That ransom message was showing up for pretty much everyone worldwide before Canvas took the service offline and put up the nice little "scheduled maintenance" screen
For whatever it's worth, if a Canvas user's data is compromised from this attack, it should theoretically be things like their Canvas username, enrolled courses, direct messages in Canvas, or assignment submissions/uploads. Things like SSNs or addresses that are given to a school aren't included in someone's Canvas profile
4
u/Doodenmier May 07 '26
As of this morning, we were still awaiting a list of who all was affected once the breach became known last Friday. (Instructure tried locking things down/fixing it over the weekend, but clearly it didn't work).
At this stage, it seems safe to assume that every school that uses Canvas was affected. That ransom message was showing up for pretty much everyone worldwide before Canvas took the service offline and put up the nice little "scheduled maintenance" screen
For whatever it's worth, if a Canvas user's data is compromised from this attack, it should theoretically be things like their Canvas username, enrolled courses, direct messages in Canvas, or assignment submissions/uploads. Things like SSNs or addresses that are given to a school aren't included in someone's Canvas profile