Instructure, the company behind the widely used Canvas learning platform, has disclosed a recent cybersecurity incident and is currently investigating its impact, according to a recent report by Bleeping Computer.Instructure confirmed that a criminal threat actor perpetrated the incident and that the company is working with external forensics experts to understand the full extent of the breach. Some services, including Canvas Data 2 and Canvas Beta, have been under maintenance since May 1, with customers warned of potential issues with tools relying on API keys, though Instructure has not explicitly linked this maintenance to the security incident.Education technology firms are increasingly targeted by threat actors due to the sensitive student and teacher data they hold. This follows similar incidents involving PowerSchool, which disclosed a breach affecting 62 million students in January 2025, and Instructure's own separate breach in September 2025, which resulted from a social engineering attack on its Salesforce instance. Infinite Campus has also faced similar campaigns with claims of data theft from its Salesforce environment.Source: Bleeping Computer
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds