A “security incident” impacting a popular classroom software caused issues for students at schools across the U.S. on Thursday, including Chicago-area universities like Northwestern and Dominican. <\/p>\n
Around 2:50 p.m., reports of issues with Canvas, a learning management system used by roughly 40% of higher education institutions in North America, began popping up on Down Detector<\/a>. By 3:35 p.m., over 8,500 reports had been made by users.<\/p>\n By 5 p.m., Instructure, which owns Canvas, said the software was “fully operational” and no “ongoing unauthorized activity” could be seen by the company at that point. <\/p>\n “As a precaution, we recommend customers follow security best practices, including enforcing MFA on privileged accounts, reviewing admin access, and rotating API tokens or keys where applicable. This will be our final update via this status page for this incident. We will continue to provide updates as appropriate through other channels and are now communicating directly with impacted customers to provide organization-specific information and support,” Instructure said in an update on their status tracking website.<\/a><\/p>\n The hacking group named ShinyHunters claimed responsibility for the breach at Instructure, the company behind the learning management system Canvas, said Luke Connolly, a threat analyst at the cybersecurity firm Emisoft. Instructure didn\u2019t immediately respond to a request for comment or questions about whether the system was taken down as a precaution or because the hackers knocked it offline.<\/p>\n The hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed, Connolly said.<\/p>\n Screen shots he provided showed that the group began threatening Sunday to leak the trove of data, giving deadlines of Thursday and May 12. Connolly said the later date indicates that discussions regarding extortion payments may be ongoing.<\/p>\n A student at University of Illinois Urbana-Champaign said the issues with the software come at a highly stressful time: the day before finals start.<\/p>\n Dominican University sent an email notice to students about the issue, stating Instructure was experiencing a “global outage.”<\/p>\n “This outage appears to be impacting all 9,000 Canvas customers. At this time, DU-IT and Learning Technologies have not been provided with an approximate outage timeframe,” Dominican University said in the email. <\/p>\n A student at Dominican University said when they tried to access Canvas, they got a screen that said “Canvas is currently undergoing scheduled maintenance. Check back soon.”<\/p>\n