Canvas cybersecurity incident impacting Butte College, Chico State University | News
Canvas cybersecurity incident impacting Butte College, Chico State University | News
Publish Date: 2026-05-07 23:54:00
Source Domain: www.actionnewsnow.com
Using an unordered list, summarize the following article with between 4 and 8 key points.
CALIFORNIA – A major security incident involving Canvas has been reported by colleges and universities across California.Action News Now reached out to both Butte College and Chico State University on Thursday night regarding the incident to see if either campus had been impacted.The following statement was given to Action News Now by Christian Gutierrez, the Public Relations Officers for Butte College:”Instructure, the company that owns and operates Canvas, has taken the platform offline in response to an ongoing cybersecurity incident.The incident has targeted Instructure, not our local Butte College systems.We understand how disruptive this can be for students at this time in the semester. Students are encouraged to communicate with their instructors via email if they have questions about assignments. We have great confidence in our faculty, who have adapted before and may need to do so again as we close out the spring semester.There is a website set up to monitor the outage.https://cccsecuritycenter.org/updates/canvas.php”The following statement was provided to Action News Now by Andrew Staples, Public Relations Director for University Communications:“I can confirm that Canvas is down at Chico State, just as it is at every CSU and many institutions across the country.Chico State’s Division of IT, in coordination with CSU systemwide officials, is actively investigating the situation and working to provide options for continuing operations as quickly as possible.”The Security IncidentThe California Community Colleges (CCC) Security Center says that starting on May 1, they began tracking a incident and have been actively monitoring all developments in the days that followed.According to the CCC, several of their districts were notified of a global cybersecurity incident involving Canvas, and the Security Center issued a system-wide notification to all districts with the available information.On May 4, Infrastructure confirmed that there had been a security incident involving the unauthorized access to certain data on Canvas.Officials say that the type of data that may have been impacted includes names, email addresses, student ID numbers, and messages from within the Canvas platform.The CCC said that there is no evidence that passwords, dates of birth, Social Security numbers, or financial records/information was involved in the security incident.At the time, officials said that CCC Security Center and the Chancellor’s Office are working together directly with Infrastructure to validate the scope of the incident and coordinate the next steps in response to the incident.On May 6th, the CCC Security Center said that a threat actor group claimed responsibility for the breach of Canvas and was attempted to extort Infrastructure. According to the CCC, this is a vendor-level incident and not a targeted attack upon any individual college.The CCC Security Center revealed that the main risk as of now is phishing or scam emails. This is due to some of the basic information that may have been accessed, and these messages could look more convincing than usual.Officials warned users of Canvas to keep an eye out for the following:Unexpected messages referencing your courses, instructors, or Canvas activityAnything asking you to click a link, share your log-in credentials, or open an attachmentIf you are in doubt as to the authenticity of the message, you are asked to go directly to Canvas rather than clicking any links that are sent to youThe CCC Security Center said on May 6 that Canvas was now fully operational, and if something feels off, you need to contact your campus IT help desk for assistance.The following statement was provided by the CCC Security Center on their website regarding the Canvas incident:”In late April 2026, Instructure — the company behind Canvas, the learning management system used by all 116 California Community Colleges — experienced a cybersecurity incident in which a criminal threat actor gained unauthorized access to their systems. Instructure detected the intrusion on April 29th, immediately began containment, and confirmed the incident publicly over the following days. A threat actor group subsequently claimed responsibility and attempted to extort the company using a “pay or leak” approach. Based on the investigation to date, data that may have been exposed includes names, email addresses, student ID numbers, and messages within the Canvas platform. There is no evidence that passwords, Social Security numbers, financial information, or dates of birth were involved.The California Community Colleges Security Center began tracking this incident on May 1st and has been actively monitoring developments in close coordination with the California Community Colleges Chancellor’s Office. The privacy and security of our students and employees is something we take seriously, and we are committed to keeping our campus communities informed as the investigation continues. Canvas remains fully operational and the incident has been contained, though the investigation with outside forensic experts is ongoing.”On Thursday, the CCC Security Center says that they had been receiving reports from some users who had received an email scam from the group that hacked Canvas. According to officials, the emails claim that hackers have been monitoring the user’s activities on web browsers and seeks payment in Bitcoin within 48 hours in order to have any and all compromising information released.The CCC Security Center says this is a scam and that anyone receiving such messages should delete them immediately. Do no click on any links, open any attachments, download files, or respond to the message.The Security Center says that they are aware of Canvas being down system-wide and that they are coordinating actively with Infrastructure and Canvas to resolve the issue.Any further updates will be shared by the CCC Security Center when it becomes available.
