Current

What we know about the cyberattack on Canvas

Image 1 of 1
Chalmers portal

Updated 12 May.

The provider of the Canvas learning platform was recently the victim of a data breach, resulting in the leak of data such as names, email addresses and the contents of private messages. Chalmers is among other users affected by the breach. Instructure, the company that owns Canvas, has now announced that it has paid the threat actor responsible for the cyberattack. Chalmers is continuing to monitor the situation and is in contact with other higher education institutions and Sunet.

It is still too early to say whether Instructure’s announcement means that the serious hacker attack is on its way to being resolved. We are therefore continuing to monitor it closely and are seeking dialogue with the supplier through its collaboration with Sunet. We are adjusting our technical security measures as necessary. Chalmers has activated its incident management procedure, which involves, among other things, informing those affected and in this case has been reported to the relevant authorities. 

The service is currently operating as normal. 
There are no reports of any passwords having been leaked.

Preparations are now being made to temporarily use alternative procedures and tools, in case the situation with Canvas gets worse.

What do you need to do?

To reduce the risk of fraud attempts and other security issues, we ask you to:

  • Access Canvas only via official links (e.g. via the university’s website or a bookmark)
  • Be extra vigilant about emails and messages containing links or attachments
  • Do not click on suspicious links or disclose your login details
  • Avoid sharing sensitive information via Canvas until further notice
  • Only download files you are expecting

Be particularly vigilant about

  • Unexpected messages, even if they appear to come from lecturers or students
  • Requests to log in via links or to act quickly
  • Attachments that seem unusual or unexpected
  •  If you are unsure about any information or instructions, always check via another channel, such as the course coordinator or official information pages.

If something seems wrong

Contact the course examinator if you have any questions about teaching.

We are monitoring the situation closely and will update the information on this page regularly.

If you have any questions

Please contact: kontakt@chalmers.se