Access to Canvas was restored Friday morning, following a large-scale cyberattack on Canvas’ parent company, Instructure, Thursday by cybercrime entity ShinyHunters.
The Canvas outage, which affected more than 8,000 schools and 275 million students nationwide, including the University of Michigan, was accompanied by a message from ShinyHunters instructing impacted schools to reach a settlement with the group in order to avoid having private data leaked.
In an email to the U-M community, Ravi Pendse, U-M vice president for information technology and chief information officer, wrote the University’s Information and Technology Services collaborated with Instructure to resolve the issue.
“Information and Technology Services temporarily restricted access to Canvas while teams investigated the issue, implemented security measures, and worked with Instructure to restore services,” Pendse wrote.
Pendse also urged students who may have interacted with the website while it was affected to take steps toward safeguarding their privacy.
“As a reminder, if you entered your username and password into an unfamiliar Canvas login page during the incident, we strongly recommend that you change your password immediately,” Pendse wrote. “If you use the same password on other sites, we also recommend changing the password anywhere else it is in use.”
As of Thursday, the Instructure status page for Canvas states the service has been restored for most users.
Summer News Editor Caleb Obico can be reached at cobico@umich.edu.
