A criminal extortion group claims to have stolen 275 million records from Instructure, the company behind the widely used Canvas platform.
PHOENIX — Arizona State University and ASU Prep are among the schools that have been impacted by a nationwide cyber attack on the platform Canvas.
Instructure, the company that runs the Canvas learning management system used by more than 7,000 universities, K-12 districts and education ministries worldwide, disclosed the breach to affected institutions this week. The company confirmed names, email addresses, student ID numbers and private messages between users had been accessed before the breach was contained.
Canvas is used by 41% of higher education institutions across North America to deliver courses. Millions of K-12 students rely on it as well.
Grand Canyon University confirmed they do not use Canvas and that they are unaffected by the hack.
Northern Arizona University has also been impacted by the attack.
In a statement, NAU said, “Instructure has reported that Canvas is currently unavailable for users globally. NAU will be monitoring the situation and providing updates as necessary.”
While the University of Arizona’s main campus and Arizona Online have not been impacted, the University of Arizona Global Campus (UAGC) has been impacted.
U of A officials say they are communicating directly with students regarding disruptions.
In a statement about the attack, ASU said, “ASU is aware of an incident that has affected Canvas, the online platform students and faculty use to access courses and submit work, that has resulted today in users being redirected and rendering the platform inaccessible at this time. This incident is unrelated to any ASU-managed system. The university is looking into the extent to which any data has been compromised and is working with students and faculty to circumvent this disruption in the closing days of the semester.”
Officials with ASU Prep sent the following letter to parents:
Dear Parents and Guardians,
We are writing to inform you about a recent security incident involving Canvas, the learning management system used by ASU Prep Global Academy.
Canvas’ parent company, Instructure, recently identified and contained unauthorized access to certain systems by a criminal actor. Their investigation, supported by external cybersecurity experts and law enforcement, indicates that the incident has been addressed and there is no evidence of ongoing risk.
What information may have been involved?
Based on the investigation to date, the information accessed may include limited user data, such as:
- Names
- Email addresses
- Student ID numbers
- Messages within Canvas
Importantly, there is no evidence that sensitive information such as passwords, dates of birth, Social Security numbers, or financial information was accessed.
What has been done
Instructure has taken multiple steps to secure its systems, including removing unauthorized access, fixing the vulnerability, increasing monitoring and working with cybersecurity experts and law enforcement.
What this means for you
At this time, there is no indication that accounts have been compromised or that sensitive personal or financial data was exposed. However, as a precaution, we recommend remaining aware of any unusual or suspicious communications.
We will continue to monitor updates from Instructure and will notify you if additional information becomes available that impacts our community.
If you have any questions or concerns, please do not hesitate to contact us.
Sincerely,
Rachel Maleski M.Ed.
The Maricopa County Community College District issued the following statement about the impacts on their district because of the attack:
“We are aware of a cybersecurity incident involving Instructure, the parent company of Canvas, the learning management system used across our colleges. The reported incident is a nationwide event affecting educational institutions across the country. Canvas is currently unavailable while Instructure works to address the outage and restore service. We are actively monitoring the situation and will continue working closely with the vendor as additional information becomes available.”
Paradise Valley Schools sent the following message to parents and families:
PVOnline students and families,
We are writing to inform you that our PVOnline learning platform, Canvas, is currently experiencing a nationwide outage, impacting multiple universities and school districts, including ours. As a result, students are temporarily unable to access coursework and submit assignments through Canvas. We want to reassure our students and families that PVOnline teachers will work with students through this challenge. Your student’s teachers will contact them tomorrow with additional information, so please watch for this important follow-up communication.”
PVSchools
The criminal extortion group ShinyHunters claimed responsibility for the attack. On a dark web leak site, the group alleged it had stolen more than 3.65 terabytes of data and threatened to release it unless its demands were met. The group said it stole roughly 275 million records tied to students, teachers and staff, and shared a list of 8,809 school districts, universities and online education platforms it claims were affected.
Watch 12News for free
You can now watch 12News content anytime, anywhere thanks to the 12+ app!
The free 12+ app from 12News lets users stream live events — including daily newscasts like “Today in AZ” and “12 News” and our daily lifestyle program, “Arizona Midday”—on Roku, Apple TV and Amazon Fire TV.
12+ showcases live video throughout the day for breaking news, local news, weather and even an occasional moment of Zen showcasing breathtaking sights from across Arizona.
Users can also watch on-demand videos of top stories, local politics, I-Team investigations, Arizona-specific features and vintage videos from the 12News archives.
Roku: Add the channel from the Roku store or by searching for “12 News KPNX.”
Amazon Fire TV: Search for “12 News KPNX” to find the free 12+ app to add to your account, or have the 12+ app delivered directly to your Amazon Fire TV through Amazon.com or the Amazon app.
