Instructure Security Incident Updates

Friday, May 8, 2026

Instructure now has a page set up with active updates from them. See the latest details here: https://www.instructure.com/incident_update

At this time, there is still no evidence that the threat actor obtained credentials for any accounts within our organization or exfiltrated any additional data.

Wednesday, May 6, 2026

Instructure contacted our technology staff on March 5 at 5:00 PM with information regarding their recent security incident with Canvas. While their investigation is ongoing, Instructure informed us that our organization has been impacted by a criminal threat actor who has obtained data associated with our account. Instructure informed us of the following:

"Based on what we have found to date, the data involved appears to include personal information. At this time, we have found no indication that passwords, dates of birth, government identifiers, or financial information were involved."

As more information becomes available we will update this page accordingly.