Is Canvas down at University of Oregon?

Canvas, a widely used online learning platform owned by Instructure, is facing a major outage following a cyberattack attributed to the hacker group ShinyHunters. The attack has disrupted services for nearly 9,000 schools globally, including the University of Oregon, Duke, Harvard, and Penn, affecting 275 million users, including students, teachers, and staff. The hackers claim to have accessed personal information (PII) and billions of private messages exchanged on the platform. Instructure confirmed the outage on May 7, placing Canvas, Canvas Beta, and Canvas Test in 'maintenance mode' while investigating. The company reported login difficulties for Student ePortfolios but did not provide further details. ShinyHunters posted a statement claiming responsibility, warning of a data leak unless a settlement is reached by May 12. The University of Oregon’s Chief Information Officer, Abhijit Pandit, issued an email to students and faculty advising them to avoid Canvas entirely. Pandit warned against interacting with any prompts or unsolicited messages related to Canvas or UO accounts, emphasizing potential security risks. UO Information Services has coordinated with Instructure and rotated credentials as a precaution. Canvas is used by 41% of higher education institutions in North America, making the breach particularly impactful. The hackers allegedly shared a screenshot demanding payment to prevent data leaks, though no official confirmation of the demand has been provided by Instructure. Students across affected universities, including those at Duke and Harvard, have reported disruptions to coursework and communication. Instructure has not yet released a public statement confirming the breach’s scope or whether user data has been compromised. The situation remains fluid, with universities and institutions monitoring updates from both Instructure and cybersecurity experts.