Nationwide security incident involving Canvas
Share This Article
Updated May 11, 2026
Canvas access has now been restored across all UC locations. The University will continue monitoring the situation as additional information becomes available. Additional updates will be shared through local communications channels.
As always, we encourage UC community members to remain vigilant regarding potential phishing attempts or suspicious communications.
Updated May 9, 2026
The University of California continues assessing updates from Instructure and cybersecurity partners regarding the recent Canvas security incident. Based on the latest information available, campuses and locations are evaluating next steps regarding restoration of Canvas services.
Additional updates and campus-specific information will be shared through local communications channels as more information becomes available.
As always, we encourage community members to remain vigilant regarding potential phishing attempts or suspicious communications.
Updated May 8, 2026
Now that Instructure has advised that the incident has been contained and remediated, UC is making risk-based decisions about when to restore access to Canvas at campuses based on their operational needs. UC will continue to work closely with its IT teams across the system and determine next steps based on updates from Instructure. We understand the disruption this incident has caused for students, faculty, and staff. We will continue to monitor the situation and share additional information as it becomes available.
Updated May 7, 2026
The University of California is closely monitoring the security incidents involving Instructure, the maker of learning management system Canvas used by thousands of educational institutions globally. Across our locations, we are aware that the Canvas login page displayed a suspicious message originating from the threat actor. The Instructure Security Incident Update & FAQs page provides information about what happened and how Instructure is responding.
As always, we encourage our community members to remain vigilant and exercise caution regarding potential phishing attempts. Watch for unexpected messages that seem to come from UC. The university will never ask for passwords, Social Security numbers, birthdates, or bank account information through email, text, or phone calls.
Out of an abundance of caution, the University of California Office of the President has instructed all UC locations to temporarily block or redirect Canvas access, and Canvas access will not be restored until we are confident the system is secure. We understand this disruption is concerning. We will continue to monitor the situation and are evaluating next steps. Protecting the personal and institutional information entrusted to the University remains our highest priority. We will continue to work with UC location partners to understand the impact of these incidents on our students and faculty.
We will provide updates on UCnet as more information becomes available. Visit the pages below for information from your location.
Location updates
The list below will be updated as more information becomes available.
May 6, 2026
Instructure, the maker of the University’s learning management system Canvas, has notified the University of California of a data breach involving Instructure’s systems. This is a nationwide issue affecting thousands of institutions. We are in communication with Instructure and are actively coordinating with UC location cybersecurity partners to monitor the situation.
As always, we encourage our community members to remain vigilant and exercise caution regarding potential phishing attempts. Watch for unexpected messages that seem to come from UC. The university will never ask for passwords, Social Security numbers, birthdates, or bank account information through email, text, or phone calls.
Instructure is providing status updates on its website. We will share updates with the UC community on this page as new information emerges.