Nationwide security incident involving Canvas
Nationwide security incident involving Canvas
Publish Date: 2026-05-08 21:26:00
Source Domain: ucnet.universityofcalifornia.edu
Updated May 9, 2026
The University of California continues assessing updates from Instructure and cybersecurity partners regarding the recent Canvas security incident. Based on the latest information available, campuses and locations are evaluating next steps regarding restoration of Canvas services.
Additional updates and campus-specific information will be shared through local communications channels as more information becomes available.
As always, we encourage community members to remain vigilant regarding potential phishing attempts or suspicious communications.
Updated May 8, 2026
Now that Instructure has advised that the incident has been contained and remediated, UC is making risk-based decisions about when to restore access to Canvas at campuses based on their operational needs. UC will continue to work closely with its IT teams across the system and determine next steps based on updates from Instructure. We understand the disruption this incident has caused for students, faculty, and staff. We will continue to monitor the situation and share additional information as it becomes available.
Updated May 7, 2026
The University of California is closely monitoring the security incidents involving Instructure, the maker of learning management system Canvas used by thousands of educational institutions globally. Across our locations, we are aware that the Canvas login page displayed a suspicious message originating from the threat actor. The Instructure Security Incident Update & FAQs page provides information about what happened and how Instructure is responding.
As always, we encourage our community members to remain vigilant and exercise caution regarding potential phishing attempts. Watch for unexpected messages that seem to come…
