Canvas Learning System Paid Hackers to Delete Stolen Student Data

The company that operates Canvas, a widely used online learning system, made a deal with hackers to delete the data they stole. The cyberattack created problems for students across the country, many of whom were in the middle of final exams when the breach occurred. The hackers had stolen student and school data from the Canvas platform. If your child's school uses Canvas, or if you are a student using Canvas for college classes, this breach likely affected your account. Canvas is used by millions of students for online coursework, turning in assignments, taking tests, and checking grades.

While the company has reached an agreement with the hackers, there is no guarantee that the stolen data has actually been deleted or that copies do not exist elsewhere. Take action now to protect your accounts. First, change your Canvas password immediately to something strong and unique. Second, if you reused your Canvas password on other sites like email or social media, change those passwords as well. Third, turn on two-factor authentication for Canvas if your school provides this security feature. Fourth, be alert for phishing emails. Scammers may pose as Canvas or your school to try to steal more information. Fifth, talk to your school's IT department or administration to find out what specific information was compromised and what protections they are putting in place. This incident shows why relying on companies to protect our data is not enough. You need your own security habits. Never use the same password across multiple sites. Be cautious about what personal information you put into school platforms when you have a choice. Teach children to recognize suspicious emails and never click on unexpected links. Ask your school what security measures they require from the technology vendors they choose to work with.