COTTONWOOD HEIGHT, Utah — A Cottonwood Heights company was at the center of a global outage affecting millions of students, including those at Utah school districts, after its system that allows access to study materials, grades and tests was hacked.
The cybersecurity incident involving the Canvas learning management system affected millions around the world before it was resolved for most users overnight.
The Davis School District alerted parents via email Thursday that the system was down, and that teachers will "provide flexibility" on assignment due dates that are impacted by the outage.
Canvas is operated by Instructure, which is based in Salt Lake County.
Instructure says they first detected unauthorized activity on April 29, which they responded to by revoking the party's access and starting an investigation.
It wasn't until May 7 that the company identified additional unauthorized activity tied to the April 29 incident, and the company took Canvas offline to contain the activity and apply additional safeguards.
On Thursday, the Davis School District wrote that Instructure "has not yet provided complete information regarding what specific district data, if any, may have been accessed."
The hacking group named ShinyHunters claimed responsibility for the breach, Luke Connolly, a threat analyst at the cybersecurity firm Emisoft.
Over 30 million people use Canvas across the world, involving more than 8,000 educational institutions.
The Davis School District said the system does not provide sensitive information such as passwords, government-issued identification numbers, birth dates, or financial information.
"Instructure has stated there is currently no evidence that this type of information was involved in the incident," the district wrote in its email.
Instructure says they found no evidence that passwords, dates of birth, government identifiers, or financial information were involved. The company has involved the FBI, the U.S. Cybersecurity and Infrastructure Security Agency, and international law enforcement partners in the investigation.
The company adds that they believe their "bad actors" were using Canvas' Free-For-Teacher accounts, and they have temporarily shut down those accounts to remove the access path.
Anyone still using the platform is urged to be cautious of unexpected emails or messages referencing the incident and to avoid clicking suspicious links and report anything unusual to your school or institution's IT or security team.
