CCIT is aware of a cybersecurity incident involving Instructure, the company that provides Canvas, as part of a broader event affecting multiple institutions.
CCIT is actively monitoring the situation, and Canvas administrators are reviewing the Clemson instance for any usability or service impacts. Updates from Instructure are available on the company’s status page. CCIT will share updates as more information becomes available.
According to Instructure, the information involved may include names, email addresses, Clemson student ID (CUID) numbers and messages among users. At this time, Instructure says it has found no evidence that passwords, dates of birth, government identifiers or financial information were involved. If that changes, Instructure says it will notify impacted institutions.
Even when passwords are not part of an incident, criminals can use details such as a Clemson email address and CUID number to make phishing emails, impersonation attempts and other social engineering attempts look more convincing. Students, faculty and staff should stay alert for unexpected emails, texts or calls that request login credentials, ask for personal information or urge immediate action.
