School Portal System Canvas Hit by Security Flaw Allowing Hackers to Post Messages

Education technology company Instructure has confirmed that hackers found and used a security vulnerability in Canvas, their widely used online learning platform. The security flaw allowed attackers to change what appeared on Canvas login portals and leave extortion messages. Canvas is used by many schools, colleges, and universities for online learning, assignment submission, and communication between teachers and students. If your children's school or your own educational institution uses Canvas, you may have been affected by this incident. The hackers were able to modify the login pages that students and parents see when accessing Canvas. While Instructure has confirmed the vulnerability exists, the company has not provided details about how many schools were affected or what specific information, if any, was compromised beyond the defaced login portals.

Take these steps right now if your school uses Canvas:

1. Change your Canvas password immediately by going directly to your school's official Canvas website (type the address yourself, do not click links in emails).
2. If you use the same password for Canvas that you use anywhere else, change those other passwords too.
3. Enable two-factor authentication on your Canvas account if your school offers this option.
4. Contact your school's IT department or administration to ask what specific information may have been compromised and what steps they are taking.
5. Watch for suspicious emails that claim to be from Canvas or your school, especially any requesting personal information or payment. Online learning platforms hold significant information about your family, including student records, grades, and contact details. Always use unique passwords for educational platforms, and never reuse passwords across multiple sites. Teach your children to recognize suspicious activity on their school accounts and to report it to a teacher or parent immediately. When schools send notifications about security issues, read them carefully and follow their recommended steps.