Canvas, a learning management system across all school levels in the state, is down after a cyberattack compromised student, teacher, and staff data. Multiple s
Canvas, a learning management system across all school levels in the state, is down after a cyberattack compromised student, teacher, and staff data. Multiple school districts started notifying parents on Thursday.
The platform is used for students to keep track of their schoolwork, turn in assignments, and communicate with their teachers. Students and parents have separate accounts.
The timing of Canvas shutting down is especially inconvenient as students near the end of the school year. In an email to parents, the Davis School District said they have been informed by Instructure, Canvas's parent company, that DSD is one of the organizations whose data was potentially affected by the incident. The Washington School District also confirmed that they were targeted.
Jordan School District notified district members on its website of the breach, but did not say if its district was targeted. 2News is working to confirm what other districts across the state were notified of potential impacts. According to Canvas, "the data involved appears to include personal information. At this time, we have found no indication that passwords, dates of birth, government identifiers, or financial information were involved.
” What may have been compromised includes student and employee names, email addresses, student ID numbers, and messages exchanged on the platform. While Instructure says more sensitive data was not accessed, family tech expert Sarah Kimmel said any stolen data can put families at risk.
"This can really up the spear-phishing game because they have a lot of information about how you communicate, who you communicate with, and your vulnerabilities," Kimmel said. Kimmel describes spear-phishing as "a lot more targeted , using people who you know or information that they've gathered through social engineering.
" Spear-phishers rely on leveraging personal information — like details that may be gathered from the private messages stolen in this breach — to create a sense of familiarity, concern and urgency. "They can get all of those messages into an AI platform and have it spit out different things, like 'this kid is vulnerable at this,' or 'this person's not doing well in this category,' or 'your kid is failing this class,' and then send an email and prompt you to 'click here to get some extra credit,' or something like that.
" The Utah State Board of Education told 2News yesterday that Instructure said the issue had been resolved. They are now walking that back. In a statement, USBE said, "While earlier communications from Instructure indicated the issue had been resolved, reports received from local education agencies and national reporting on May 7 suggest that the incident may be ongoing. At this time, the full scope and status of the incident are still being determined.
"Some students who attempted to access Canvas today may have seen a message from the hacking group for a brief period of time. Dark web hacking group "ShinyHunters" has claimed responsibility for the attack. Some students who attempted to access Canvas today may have seen a message from the hacking group for a brief period of time. ShinyHunters has breached Instructure .
Instead of contacting us to resolve it they ignored us and did some "security patches.
"If any of the schools in the affected list are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at TOX to negotiate a settlement. You have till the end of the day by 12 May 2026 before everything is leaked.
"I would 100% take those threats seriously," said Kimmel. "They usually won't say something unless they've got the goods to back it up. Hackers love to bring the receipts.
"The Utah State Board of Education is aware of a reported and ongoing cybersecurity incident involving Instructure, the vendor that owns and operates the Canvas learning management system used by many schools and educational institutions nationwide. Based on information shared to date, potentially impacted data may include user names, email addresses, student identification numbers, and messages exchanged within the Canvas platform.
While earlier communications from Instructure indicated the issue had been resolved, reports received from local education agencies and national reporting on May 7 suggest that the incident may be ongoing. At this time, the full scope and status of the incident are still being determined. USBE continues to closely monitor the situation and coordinate with local education agencies across the state. At this time, there is no action required from students or families.
Once additional information becomes available regarding any potentially impacted individuals, appropriate notifications will be issued in coordination with relevant partners. Out of an abundance of caution, we encourage students, families, and educators to remain attentive and be alert to unexpected emails, messages, or potential phishing attempts that may appear related to this incident. Any suspicious activity should be reported to the appropriate local education agency IT department.
Canvas, a learning management system, experienced a cyberattack that potentially compromised millions of users' personal information. The Utah State Board of EduSome school districts in Utah have apparently spent tens of thousands of dollars this year on catering, pizza, movies, travel, hotels, Bees baseball, Amazon andThe group tied to a proposed massive data center project in Box Elder County has withdrawn a water rights application connected to the development, according toA Tremonton couple was arrested on charges of child torture Wednesday following an investigation into the death of their 11-year-old childSouthbound traffic experienced significant delays on Interstate 15 after a car flipped on its side near the West Davis Highway interchange in Centerville. The U
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Massive Data Breach Targets Canvas Learning Management System Used by Universities and SchoolsUniversities and schools K-12 across the country, including in the Philadelphia area, have been impacted by a massive data breach targeting a system widely used by students and faculty. The breach involves Instructure, the parent company of Canvas, a web-based learning management system used daily by educators and students for coursework, assignments, and communication.
Read more »
Several SoCal schools impacted by widespread data breach involving Canvas learning softwareThe extortion group 'Shiny Hunters' has reportedly claimed responsibility for the attack.
Read more »
Cyberattack hits Canvas learning management systemThe Associated Press
Read more »
Cyberattack shutters Canvas learning platform for schools across the U.S.A system that thousands of schools and universities use was offline due to a cyberattack.
Read more »