Use cases
Software Products E-commerce MSPs Schools Development & Marketing DevOps Agencies Help Desk
Company
Internet Status Blog Pricing Log in Get started free

Outage in Canvas Instructure

Confirmed Security Incident

Resolved Minor
May 01, 2026 - Started 9 days ago - Lasted 5 days
Official incident page

Incident Report

Summary AI Generated

Canvas Instructure experienced a cybersecurity incident perpetrated by a criminal threat actor that lasted approximately 5 days, affecting user identifying information including names, email addresses, student ID numbers, and user messages. The company contained the incident by revoking privileged credentials, deploying security patches, rotating keys, and implementing enhanced monitoring, with Canvas returning to full operational status and no ongoing unauthorized activity detected.

Instructure recently experienced a cybersecurity incident perpetrated by a criminal threat actor. We are actively investigating this incident with the help of outside forensics experts. We are working quickly to understand the extent of the incident and actively taking steps to minimize its impact. Maintaining your trust is our highest priority, and we are committed to transparency throughout this process. We will provide new information as it is confirmed. Steve Proud Chief Information Security Officer
Latest Updates ( sorted recent to last )
RESOLVED 4 days ago - at 05/06/2026 09:15PM

UPDATE - Canvas is fully operational, and we are not seeing any ongoing unauthorized activity.
As a precaution, we recommend customers follow security best practices, including enforcing MFA on privileged accounts, reviewing admin access, and rotating API tokens or keys where applicable.
This will be our final update via this status page for this incident. We will continue to provide updates as appropriate through other channels and are now communicating directly with impacted customers to provide organization-specific information and support.

INVESTIGATING 4 days ago - at 05/06/2026 09:13PM

We are continuing to investigate this issue.

INVESTIGATING 8 days ago - at 05/02/2026 06:46PM

We are providing an update on the security incident we advised you of yesterday. While our investigation continues alongside our outside forensics experts, at this stage we believe the incident has been contained.

Here are the steps we have taken since we became aware of the incident. We have:
- Revoked privileged credentials and access tokens associated with affected systems
- Deployed patches to enhance system security
- Out of an abundance of caution, we rotated certain keys, even though there is no evidence they were misused
- Implemented increased monitoring across all platforms

While we continue actively investigating, thus far, indications are that the information involved consists of certain identifying information of users at affected institutions, such as names, email addresses, and student ID numbers, as well as messages among users. At this time, we have found no evidence that passwords, dates of birth, government identifiers, or financial information were involved. If that changes, we will notify any impacted institutions.

Thank you for your patience as we work to resolve this matter. We sincerely regret any inconvenience or concern this may cause. We will continue to keep you apprised as our investigation progresses. For up-to-date information on specific systems, please continue to visit our status page.

Steve Proud
Chief Information Security Officer

INVESTIGATING 9 days ago - at 05/01/2026 10:30PM

Instructure recently experienced a cybersecurity incident perpetrated by a criminal threat actor. We are actively investigating this incident with the help of outside forensics experts. We are working quickly to understand the extent of the incident and actively taking steps to minimize its impact. Maintaining your trust is our highest priority, and we are committed to transparency throughout this process. We will provide new information as it is confirmed.

Steve Proud
Chief Information Security Officer

Latest Canvas Instructure outages

Canvas is Available for Most Users. Canvas Beta and Canvas Test are still in maintenance. - 3 days ago
Some users are having difficulties logging into Student ePortfolios - 3 days ago
Unsupported files for Groupdocs unable to render - 3 days ago
Some users may not see their data in Canvas Portfolio - 4 days ago
Users utilizing Outcomes may run into errors or incorrect scores. - 5 days ago

Never miss outages in third-party dependencies

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 6320 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook