Clark University - ITS incident

Canvas: Security Incident

Major Resolved View vendor source →

Clark University - ITS experienced a major incident on May 6, 2026, lasting —. The incident has been resolved; the full update timeline is below.

Started
May 06, 2026, 02:04 PM UTC
Resolved
May 06, 2026, 02:04 PM UTC
Duration
Detected by Pingoru
May 06, 2026, 02:04 PM UTC

Update timeline

  1. investigating May 06, 2026, 02:04 PM UTC

    Instructure, the parent company of Canvas, is reporting a nationwide security incident. Instructure believes the incident is now contained. Canvas remains available and functional. We are actively monitoring updates from Instructure and assessing the impact on Clark data. You can learn more from the [Instructure Incident Report](https://status.instructure.com/incidents/9wm4knj2r64z). If you have any questions about this incident, please contact the ITS Help Desk at 508-793-7745 or [email protected].

  2. resolved May 15, 2026, 02:48 AM UTC

    The following email was sent to campus with an update on the security incident. We are writing to share an update about a recent security incident involving Instructure, the company that provides Canvas. - You do not need to take any action. **Your Clark Account password was not part of the breach**. Instructure never knows your Clark Account password. - Canvas is fully operational and Instructure has implemented additional safeguards to better protect the environment. There is **no indication that Clark users need to stop using Canvas**. - Although there is no evidence of related phishing at this time, we encourage everyone to **be especially cautious with unexpected emails**, especially messages related to Canvas courses, asking you to click a link, open an attachment, or provide login information. ### What We Know On April 29, Instructure detected unauthorized activity in the Canvas environment used by institutions worldwide. They immediately revoked access, started an investigation and engaged CrowdStrike, an outside cyber-forensic expert. On May 7, the same unauthorized actor accessed the system again. Out of caution, Instructure took Canvas offline to contain activity, investigate and apply additional safeguards. On May 11, Instructure confirmed that measures have been taken to secure the compromised data and prevent its publication. ### How This Impacts Clark At this time, ITS is awaiting the exact data impacted by this incident from Instructure. Instructure has stated that it could include usernames, email addresses, course names, enrollment information and Canvas messages. We have been told that it does not include passwords, course content or submissions. ### What Happens Now Clark ITS will continue to work closely with Instructure and our security partners, to identify the data that has been impacted and take appropriate actions. If any further action is required, we will provide additional information via email and the ITS status page. Instructure has provided a comprehensive incident information page with a timeline, communications, and frequently asked questions. For Clark-specific updates, monitor our status page. ### Support If you have any questions about this incident after reviewing Instructure’s incident page, please contact the ITS Help Desk (support.clarku.edu, [email protected], or 508-793-7745).