We are writing with an important update on a recent Canvas security incident.
On April 25, 2026, Instructure experienced a cybersecurity incident perpetrated by a criminal threat actor. We detected the attacker on April 29 and immediately revoked the access. On April 30, as the investigation expanded, we revoked additional suspicious access and addressed the underlying vulnerability.
On May 7, 2026 an unauthorized actor made changes to the pages that appeared when some students and teachers were logged in. We quickly identified this unauthorized activity and immediately took steps to contain it, including temporarily taking Canvas offline into maintenance mode as a precaution to prevent further unauthorized access. Working in coordination with our independent forensics partner, we have found no evidence that the unauthorized actor established persistence, obtained credentials for accounts within your institution, or exfiltrated any additional data.
While our investigation remains ongoing with the assistance of outside forensic experts, we want to share that Logan View Public Schools was one of the many nation-wide accounts that was impacted by this criminal actor who obtained data associated with our accounts. Based on what we have found to date, the data involved appears to include personal information. At this time, we have found no indication that passwords, dates of birth, government identifiers, or financial information were involved. Information that was impacted includes names, email addresses, student ID numbers, and private messages.
Respectfully,
Logan View Public Schools