UPDATE FROM INSTRUCTURE CANVAS
To our Instructure Community,
As you know, on May 5, we notified Instructure customers whose data we believed had
been exfiltrated during the recent cybersecurity incident. That initial communication
was based on the early findings of our forensic investigation and was intended to
alert any organization we believe may have been impacted, out of an abundance of caution.
Since that time, our third-party investigation and corresponding data analysis have
progressed substantially, and we have continued to refine the scope of the data that
we believe was exfiltrated. Based on that progress, we have since determined that
a subset of customers that we previously believed were affected by this incident did
not, in fact, have data exfiltrated from their Canvas instance.
On May 21, after completing our preliminary data review, we provided all impacted
Canvas admins with a file containing an initial assessment of the data fields that
may have been involved, specific to their organizations. If you did not receive a
delivery of files regarding the incident in Canvas on May 21, you can feel confident
that as of now, we have determined that your data was not involved in this incident.
We will confirm that determination once our third-party data review is complete.
We want to stress that at this time, all admins of Canvas instances believed to have
been impacted have received a package outlining the fields that may have been exfiltrated.
If your organization has multiple Canvas instances and you would like assistance in
reviewing them, please contact your CSM.
We will continue to provide updates as we have more meaningful information to share,
and encourage you to continue visiting https://www.instructure.com/incident_update.
Thank you,
Steve Daly
Instructure CEO
As a follow-up to previous communication regarding the Canvas security breach, Instructure
has informed its customers that user account information, email addresses, course
information, enrollment information, and Canvas messages may have been exposed during
this breach. They expect to provide a more detailed list of the affected data fields
within the next few days. Information regarding specific Snow College users may not
be available until their full review is completed, which could take several weeks.
Course learning data, including submitted assignments and grades, as well as credentials, passwords, and developer keys, were not compromised in this breach.
We have received notification from our third-party integrations, such as CidiLabs, Simple Syllabus, and publisher software, that their systems were not impacted by the data breach. Although course learning materials were not impacted, if you feel the need to modify exam questions or assignment prompts, the Teaching and Learning Center will be glad to help you.
Because Snow College uses two-factor authentication, there is currently no indication that attackers can directly access your accounts using the exposed information. However, since email addresses may have been compromised, users should remain alert for phishing emails or other suspicious communications.
As a general cybersecurity best practice, avoid clicking links or opening attachments in unexpected or suspicious emails. Instructure (Canvas) is posting daily updates regarding the breach on its website.
Snow IT
Dear Campus Community:
Instructure Canvas recently experienced a security issue affecting many institutions, including ours. Some users briefly saw unexpected page changes. The issue has been resolved, and Canvas is fully operational with no evidence of ongoing unauthorized access. Other Snow College systems were not impacted.
Potentially accessed data may include names, email addresses, student ID numbers, and canvas messages. There is no evidence that passwords or sensitive financial or personal data were compromised.
What you should do:
The Utah System of Higher Education (USHE) has worked diligently on this, and we have followed their guidance. They provided additional information this afternoon. We will continue to monitor and share updates if needed. Other helpful information is below:
