College Learning Platform Canvas Still Working Through Data Breach: What Students and Parents Need to Know
Instructure's Canvas breach investigation is taking longer than expected. Schools are just now getting details about what student data was exposed.
Source
DataBreaches.net
Original headline: The Breach That Won’t End: An Update on Canvas, and how they created an EdTech’s Vendor Trust Problem
Plain-English summary by GetCyberRight. Read the full report at the source above.
Instructure, the company behind Canvas (a widely used college and university learning platform), experienced a data breach that is taking much longer to investigate than anyone anticipated. Through June, the company was still finalizing findings about what data was compromised at each school. In early July, Instructure began sending the first wave of detailed information to affected institutions through secure file-sharing links. If you or your children use Canvas at college or university, your student data may have been exposed. Canvas is used by millions of students across educational institutions. Each school is receiving specific information about what data from their students was affected, but this process has been slow. Parents and students should contact their school's IT security office to find out if their institution was impacted and what specific information was compromised.
Here is what to do right now. First, contact your school's security office or Canvas administrator to ask if your data was part of the breach. Second, change your Canvas password immediately and make sure it is different from passwords you use elsewhere. Third, watch your school email account closely for updates from your institution. Fourth, be extremely careful about any emails claiming to be from Canvas or your school asking you to click links or provide login information. Fifth, if your Canvas account is connected to other school services, consider changing those passwords as well.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
This breach highlights a growing problem in educational technology. Schools rely on many outside companies to provide learning platforms, but when these vendors experience breaches, students and families are left waiting for answers. Ask your school what security measures they require from technology vendors. Teach your children to use unique passwords for school accounts and to report suspicious emails or login requests to school IT staff immediately.
Curated from trusted cybersecurity sources by GetCyberRight
Source: DataBreaches.netStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles
Your School Records May Have Been Exposed: Canvas Data Breach Continues to Unfold
If your child's school uses Canvas, student and family information may have been exposed. The investigation is taking longer than expected.
2 min readItalian Phone Company Fined After Customer Data Exposed: Are You Affected?
WINDTRE exposed personal information of 365,000+ customers due to poor security. Italy's regulator fined them 1.7 million euros for the failures.
2 min readItalian Phone Company WINDTRE Fined After Personal Data of 365,000 Customers Exposed
If you're a WINDTRE customer in Italy, your personal information may have been exposed due to security problems at the phone company.
2 min readQantas Data Breach Exposed Millions: What Australian Travelers Should Know
5.67 million Qantas customer records were leaked in 2025, but regulators found no privacy rule violations. Here's what affected travelers should do.
2 min read