GoKawiilInstructure, the company behind the widely used Canvas learning platform, has disclosed that it recently suffered a cybersecurity incident and is now investigating its impact.
The U.S.-based education technology company is best known for developing Canvas, a widely used learning management system that helps schools, universities, and organizations manage coursework, assignments, and online learning.
"Instructure recently experienced a cybersecurity incident perpetrated by a criminal threat actor. We are actively investigating this incident with the help of outside forensics experts," reads a statement from Steve Proud, Chief Security Officer.
"We are working quickly to understand the extent of the incident and actively taking steps to minimize its impact. Maintaining your trust is our highest priority, and we are committed to transparency throughout this process."
Instructure says that it will provide new information regarding its investigation as it becomes available.
Since May 1, some services, including Canvas Data 2 and Canvas Beta, have been under maintenance, with customers warned they may experience issues with tools that rely on API keys.
The company has not stated whether this maintenance is related to the security incident.
BleepingComputer contacted Instructure earlier today with questions about the incident, but has not received a response.
BleepingComputer previously published and retracted an earlier report about this incident after determining it was based on incorrect information from a prior disclosure.
Targeting education technology firms
... continue reading