Canvas is back online and available for UWM students and instructors. You may log in and return to normal use. We realize how disruptive this Canvas outage has been and have been working to minimize the effects upon students and instructors.
All instructors have been asked to be flexible on any assignments that were due on Thursday or Friday.
UWM’s Canvas webpage has the latest information and guidance. A set of frequently asked questions (FAQs) will be released later Friday afternoon and can be found on this webpage. The FAQs will include guidance on what actions, if any, you should take once full access is confirmed and restored.
As part of reopening Canvas, here are key points to know:
- UWM’s Center for Advancing Student Learning and the UWM Help Desk have conducted checks on UWM’s system. UWM has not detected that assignments, grades or instructional materials were manipulated.
- Instructure, the parent company of Canvas, has reported having taken the necessary steps to prevent another shutdown of Canvas due to this incident. UWM will continue to monitor our Canvas environment.
- We do not believe data has been mishandled beyond what was already reported.
- Check your courses to ensure things are the way you remember them. If you have a concern about data, report it. Please review the last two weeks for any anomalies.
Exercise caution
As a reminder, do not click on any unusual links or perform unexpected tasks that are requested through a message or email. If you receive suspicious communication, do not take action. Instead, contact the UWM Help Desk immediately.
Background on the breach
On April 29, Instructure detected unauthorized activity in Canvas. They immediately revoked the unauthorized party’s access, started an investigation, and engaged outside forensic experts. Find the latest information on the incident on this Instructure Canvas webpage.
On May 7, Instructure stated that additional unauthorized activity was tied to the same incident. The unauthorized actor made changes to the pages that appeared when some students and teachers were logged in through Canvas. Out of caution, Instructure temporarily took Canvas offline into maintenance mode to contain the activity, investigate and apply additional safeguards.
What information was involved?
Instructure reports that, based on their investigation so far, the data taken in the April 29 incident includes personal information of users at affected organizations. That includes names, email addresses, student ID numbers and messages among Canvas users.
Instructure reports that it has found no evidence that passwords, dates of birth, government identifiers or financial information were involved.
Based on Instructure’s reports of its investigation to date, they have not found evidence that data was taken during the May 7 activity. The investigation is ongoing, and they will share more as their findings are verified.