Canvas Update
Updated May 14, 2026
- Canvas is operational. Instructure has reported no evidence of unauthorized activity since May 7, 2026.
- Known exfiltrated data categories (per Instructure’s May 13 customer webinar) include Canvas usernames, email addresses, course names, enrollment information, and Canvas Conversations/Inbox messages.
- Canvas reports that these areas are not impacted: core learning data (course content, submissions, grades), credentials, API tokens, and developer keys.
- Student ID status remains pending.
- Per-tenant data category list is expected from Instructure within days; row-level / individual-user-level details are expected within several weeks.
- Instructure committed at the May 13 webinar to conducting required notifications on customers’ behalf if a customer chooses, on a customer-by-customer opt-in basis.
- Instructure has stated it engaged with U.S. law enforcement and relevant regulatory agencies.
- Instructure reports that other Instructure products (Parchment, Mastery, etc.) are not affected.
If you encounter any issues with Canvas, please contact the WWCC Help Desk immediately.
Security Reminders & Best Practices
At this time, no additional action is required beyond following these standard best practices:
- DO NOT send personally written messages to other staff or students regarding the cyber attack. All communications must come from official college channels. This is extremely important and could have legal ramifications.
- Stay alert for suspicious messages and alerts. Reports indicate ransom images and fraudulent emails requesting money or access to financial information may circulate. Do not click links in unsolicited emails or open attachments from unknown senders, including messages appearing to come from Canvas or Instructure.
- Report anything suspicious to the WWCC Help Desk immediately.
- Never share your password with anyone, even someone claiming to represent a trusted organization. Update passwords frequently.
- Keep your software and operating system up to date to help address known security vulnerabilities.
For additional assistance or resources, please contact WWCC Technology Services.
Additional updates and notices will continue to come through official WWCC channels only.
Thank you for your patience as we navigate this unexpected event.
Updated May 8, 2026
Walla Walla Community College is sharing an update on a security incident involving Canvas, the learning management system used at our college and at colleges across the country.
What happened: On May 7th, Instructure — the company that operates Canvas — notified colleges across the country that an unauthorized third party obtained data associated with our Canvas environment. This incident was not specifically directed at Walla Walla Community College. Instructure serves many institutions, and this appears to be a vendor-driven incident affecting multiple education customers. Instructure has stated that the broader incident affected many institutions in the United States. Instructure has reported that the attack occurred on April 25, 2026; that the company detected the attacker on April 29; and that access was revoked and the underlying vulnerability was addressed on April 30. Federal law enforcement, including the FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA), has been notified by Instructure.
What was involved at our college: Based on the information Instructure has provided to us so far, the data involved may include personal information; however, Instructure has not yet provided the exact data elements or affected user count for our college. Instructure has stated publicly that, across the broader incident, names, email addresses, student ID numbers, and user-to-user Canvas messages were potentially involved. We have asked Instructure to confirm specifically what was involved, including whether Canvas messages were affected and how many users were impacted, and we will share additional information as we receive it.
What was reportedly not involved: Instructure has stated that there is no indication that passwords, dates of birth, Social Security numbers, or financial account information were involved. If Instructure’s findings change, we will update affected community members.
What we are doing: WWCC is working with the State Board for Community and Technical Colleges (SBCTC) to press Instructure for additional information about what was specifically involved at our college. We will provide further updates on this page as additional confirmed information becomes available.
What is the current situation: The national cybersecurity issue affecting the third-party platform has been reported as contained, and Canvas services are operating normally again. WWCC will continue monitoring the situation closely.
If you experience any issues accessing Canvas, please contact WWCC Technology Services immediately.
As a reminder:
• Be cautious of suspicious emails, links, or attachments
• Do not respond to unsolicited messages requesting money or personal information
• Never share your password with anyone
• Keep your devices and software updated
Anyone with questions can contact WWCC Technology Services.