A360
Key Takeaways✦ Atlas AI
01
Ed-tech firm Instructure, behind the Canvas learning platform, is investigating a recent cyber incident with external experts, causing potential disruptions to services like Canvas Data 2 and Beta since May 1st.
02
This incident is significant as it follows a 2025 data breach at Instructure and reflects a growing trend of cyberattacks targeting education technology firms due to the vast amounts of sensitive student data they hold.
03
The ongoing vulnerabilities in the ed-tech sector, evidenced by this and other recent breaches affecting millions of students, underscore the urgent need for enhanced cybersecurity measures and data protection protocols.
Atlas AI
Instructure, the company behind the Canvas learning management system, said it recently experienced a cybersecurity incident and is investigating with the help of outside forensic experts.
In a statement attributed to Chief Security Officer Steve Proud, the company said it is working to determine the scope of the incident and is taking steps to minimize any potential impact. Instructure added that it will share updates as more information becomes available.
Some Canvas services remain under maintenance
Since May 1, some Canvas services, including Canvas Data 2 and Canvas Beta, have been under maintenance. Instructure has warned customers they may encounter issues with tools that rely on API keys.
The company has not said whether the maintenance is related to the cybersecurity incident.
Prior breach and broader targeting of edtech providers
The disclosure follows a separate incident Instructure reported in September 2025, which it attributed to a social engineering attack that led to unauthorized access to data in its Salesforce instance.
Education technology providers have increasingly been targeted by threat actors, in part because they store large volumes of personal information about students and staff. PowerSchool, another education software provider, disclosed a breach in January 2025 after a threat actor claimed to have stolen data affecting 62 million students.
Instructure has not provided further details about the latest incident, including which systems were affected or whether any data was accessed, as the investigation continues.
