Body
Overview:
Instructure, the company that provides Canvas, has confirmed a cybersecurity incident perpetrated by a criminal threat actor. The University of Idaho's Office of Information Technology (OIT) and the Center for Excellence in Teaching and Learning (CETL) are actively monitoring the situation and will communicate updates through official channels as new information is confirmed. In the meantime, members of the university community should be cautious of attackers who may attempt to take advantage of this incident.
- What happened?
- What should I do?
- How do I report a suspicious message?
- Where can I find official updates?
- Is Canvas still available?
Request OIT assistance
What happened?
On May 1, 2026, Instructure disclosed a confirmed cybersecurity incident on their official status page. Instructure is actively investigating the incident with outside forensics experts and is working to understand the full extent of what occurred.
OIT is tracking this incident closely and will notify the university community if any University of Idaho data or systems are confirmed to be affected. On May 5, U of I was notified that some personal information was affected, but it would not include government identifiers, dates of birth, or financial information. The exact scope if not yet disclosed.
What should I do?
Security incidents like this are frequently exploited by attackers who send phishing emails impersonating Canvas, Instructure, or university IT staff. Be alert for messages that:
- Ask you to re-verify your Canvas login or university credentials
- Claim your account has been compromised and prompt you to click a link
- Request urgent account actions from addresses that resemble, but are not, official university or Instructure domains
- Include unexpected password reset requests you did not initiate
If you are ever unsure whether a message is legitimate, do not click any links. Use the Report Phish button or contact the OIT before taking any action.
OIT will never ask for your password via email.
How do I report a suspicious message?
If you receive an email that appears to be related to this incident or looks suspicious, report it immediately using the Report Phish button in Outlook. A step-by-step guide can be found at How to report a spam or phishing message?
Note: If you are ever unsure whether a message is spam or a malicious phish, you can always report it to OIT for analysis.
Where can I find official updates?
Only trust communications from the following official sources regarding this incident:
- Announcements posted inside our official Canvas at CANVAS.UIDAHO.EDU (look for system-wide notices at the top of your Dashboard)
- Emails sent from OIT using official @uidaho.edu addresses
- The Instructure status page: status.instructure.com/incidents/9wm4knj2r64z
Is Canvas still available?
At this time, Canvas remains accessible. OIT is monitoring system availability and will notify the university community immediately if there are any changes to service status.