Edtech Firm Instructure Discloses Cyber Incident, Probes Impact

Instructure, the company behind the widely used Canvas learning management system, has disclosed a recent cybersecurity incident perpetrated by a criminal threat actor. The company is actively investigating the scope of the incident with the help of outside forensics experts. Since May 1, some services, including Canvas Data 2 and Canvas Beta, have been placed under maintenance, potentially affecting tools relying on API keys. This marks the second cybersecurity incident for Instructure in less than a year, underscoring the increasing vulnerability of education technology firms due to the sensitive student and teacher data they manage.