Who Is Affected?
Faculty, staff, and students who use Canvas at UNCG.
What Is Happening?
UNCG was recently notified by Canvas vendor Instructure about a cybersecurity incident affecting Canvas systems.
According to Instructure, a criminal threat actor gained unauthorized access to certain data associated with customer accounts. At this time, Instructure reports that the exposed information may include some personal information.
Instructure has stated that, based on its investigation so far, the incident does not appear to involve:
- Passwords
- Dates of birth
- Government-issued identification numbers
- Financial information
Instructure reports that the activity was detected on Wednesday, April 29, 2026, and that access associated with the incident was immediately revoked. The company also reports that the underlying vulnerability has been addressed and that there is currently no indication of an ongoing threat.
What Is UNCG Doing?
UNCG ITS is actively reviewing information provided by Instructure and coordinating with campus security and privacy stakeholders.
Instructure has reported that it has:
- Engaged third-party forensic investigators
- Notified the FBI, CISA, and other law enforcement partners
- Disabled compromised accounts and revoked associated access
- Applied additional platform-wide security protections
- Increased monitoring and detection controls across the platform
UNCG is continuing to monitor the situation closely as additional details become available.
Do I Need to Do Anything?
At this time, no specific action is required for most Canvas users.
However, ITS recommends following general security best practices:
- Be cautious of unexpected emails, text messages, or phone calls requesting personal information
- Continue using strong passwords and multi-factor authentication (MFA) whenever available
- Report suspicious messages or account activity to ITS
Additional guidance may be shared as more information becomes available from Instructure and campus security leadership.
When?
Instructure reported the following timeline:
- Saturday, April 25, 2026 – Incident occurred
- Wednesday, April 29, 2026 – Unauthorized access detected and revoked
- Thursday, April 30, 2026 – Additional suspicious access removed and security protections expanded
Canvas and related services are currently operational.
Need Help?
Find answers online or contact 6-TECH:
- Search for tech solutions: 6tech.uncg.edu
- 6-TECH online portal: Submit a ticket
- Call: 336-256-TECH (8324)
- Email: 6-TECH@uncg.edu
