<\/p>\n\n\n\n
May 8, 2026<\/strong><\/p>\n\n\n\n Dear all,<\/p>\n\n\n\n Canvas came back online on Thursday evening around 8pm.<\/p>\n\n\n\n We heard from Instructure overnight: they informed us that the decision to take Canvas offline was part of containing an unauthorized access event. They wrote that they \u201chave found no evidence that the unauthorized actor established persistence, obtained credentials for accounts within your institution, or exfiltrated any additional data.\u201d Again, since we use single sign on via HMC credentials, no passwords from HMC were stored in Canvas.<\/p>\n\n\n\n Instructure further informed us that the unauthorized access was obtained through their \u201cFree for Teachers\u201d version of Canvas, which remains off line.<\/p>\n\n\n\n We recommend that you: Security reminders:<\/p>\n\n\n\n <\/p>\n\n\n\n This has been a really challenging disruption to the already busy end of the semester and we are grateful for your patience and resilience.<\/p>\n\n\n\n Instructure has provided this link for further information and the latest updates: Security Incident Update & FAQs | Instructure<\/a>. May 7, 2026 1:45pm<\/strong><\/p>\n\n\n\n Dear Faculty, Staff and Students,<\/p>\n\n\n\n We have just noticed that harveymuddcollege.instructure.com<\/a> is “currently undergoing scheduled maintenance”. We were not notified about this.<\/p>\n\n\n\n We will update you as soon as we receive further information. <\/p>\n\n\n\n May 7, 2026<\/strong><\/p>\n\n\n\n You may have heard or seen in the news that Instructure (the company that owns Canvas) announced that they had \u201crecently experienced a cybersecurity incident perpetrated by a criminal threat actor.\u201d According to Instructure, an unauthorized party accessed data from educational institutions around the world.<\/p>\n\n\n\n We have received two communications from the company. The first informed us that the incident happened and the second that HMC accounts were \u201cimpacted\u201d, but with no details.<\/p>\n\n\n\n Instructure is still determining what information may have been exposed, but at this time they believe it may include information available within Canvas, such as names, email addresses, student ID numbers, and messages exchanged within Canvas. <\/p>\n\n\n\n Based on their investigation to date, Instructure stated that passwords, dates of birth, government identifiers, and financial information do not appear to have been exposed. HMC does not store any of those in Canvas.<\/p>\n\n\n\n Since we use Single Sign On with HMC credentials, no HMC passwords are sent to Instructure, and there is no need to change your password.<\/p>\n\n\n\n Canvas is operational, and there is no evidence of an ongoing threat, according to Instructure. Their investigation is ongoing and is being conducted in coordination with forensic experts and law enforcement.<\/p>\n\n\n\n I am sorry that we have no further information to share yet. But we will provide updates as more becomes available.<\/p>\n\n\n\n
<\/p>\n\n\n\n\n
\n
<\/p>\n\n\n\n