Leon County Schools is taking precautions after its instructional support software Canvas went down May 3 during a national cyberattack.
“LCS maintains additional safeguards for student accounts, including restrictions that prevent outside email communication directly to students. The district continues to monitor the situation closely and work with our partners to ensure the security of district systems and student information,” the district said in an email to parents May 8.
The software, which is commonly used for uploading assignments, study materials and administering exams, is now available and up to date.
Universities and public schools across the nation were interrupted by the incident which disrupted classes, coursework, and exams amid spring finals week for many schools.
The hacking group ShinyHunters claimed responsibility for the data breach at Instructure, the parent company and creator of the Canvas learning management system, according to The New York Times, CNN and USA Today.
Instructure said Canvas has more than 30 million active users worldwide and over 8,000 institutions as customers.
In a ransom letter shared on May 3 by Ransomware.live, a platform that tracks and monitors ransomware groups, ShinyHunters said it had accessed data from over 275 million people — including students, teachers, and other staff — across nearly 9,000 schools worldwide.
LCS spokesperson Chris Petley said student emails and names may have been associated with the hack but added that students cannot be reached by outside individuals or organizations through their student emails.
“At this time, there is no indication that passwords, financial information, or district-managed systems were compromised,” the email said.
How FSU, other institutions navigated the Canvas cyberattack
Florida State University relayed a similar message to its campus community in a May 8 email approved by FSU Chief Information Officer Jonathan Fozard, which followed a May 7 email that was sent out regarding the Canvas outage.
Once access was restored, faculty preparing summer semester courses were instructed to continue to monitor Canvas access and follow any additional guidance provided by the university.
“As this incident continues to receive national attention, please remain especially alert to phishing attempts, unexpected messages referencing Canvas, password reset requests, ransom claims or links to unofficial websites,” the May 8 email said.
With the summer semester beginning May 11, the university also provided guidance in case additional outages occur, such as the option of accessing course syllabuses through FSU’s Simple Syllabus webpage and having class materials sent via email or through Microsoft Teams if needed.
Other State University System (SUS) universities also shared updates online regarding the hacking incident, including the University of Florida, Florida International University, Florida Atlantic University and the University of South Florida. Attempts to get comments from a Florida A&M University spokesperson on how the issue was communicated to its campus community were unsuccessful.
At Tallahassee State College, a May 7 summer semester start date for online classes was delayed due to the nationwide cybersecurity incident before they resumed May 8, according to a TSC spokesperson. Updates regarding the issue were shared via X and Facebook.
Higher education reporter Tarah Jean contributed. Alaijah Cross covers children & families for the Tallahassee Democrat. She can be reached at abrown@tallahassee.com.
This article originally appeared on Tallahassee Democrat: Local public schools, higher ed affected by Canvas software hack
Reporting by Alaijah Cross, Tallahassee Democrat / Tallahassee Democrat
USA TODAY Network via Reuters Connect
