UPDATED: Ongoing cybersecurity incident puts Canvas offline ahead of finals week

The University of Illinois suspended all finals and assignments scheduled for May 8–10, 2026, due to a cybersecurity incident that took Canvas offline ahead of the final exam period. The shutdown followed a message from ShinyHunters, a criminal extortion group, which demanded a settlement by May 12, 2026, or threatened to leak data. University leaders replaced the hackers’ message with a statement confirming the incident and advising students to avoid clicking links in the original post. University officials confirmed that certain student data, including names, email addresses, and student ID numbers, may have been exposed, though Instructure, Canvas’s parent company, has found no evidence of compromised passwords, birthdates, government identifiers, or financial information. The university is awaiting further details from Instructure about the breach’s scope and the timeline for restoring access to the platform and its mobile app. The incident disrupted academic activities as students like Anusha Dharia, a sophomore in Engineering, reported losing access to course materials and facing uncertainty over delayed assignments. Some professors adjusted deadlines, but the disruption has heightened stress among students already preparing for exams. University leadership, including college deans and the Senate Executive Committee, is meeting to address the situation and will provide updates by noon on May 10, 2026. Instructure announced it is investigating the issue at 3:41 p.m. CST on May 7, 2026, but no specific recovery timeline has been provided. The university’s Technology Services team is directing students to a dedicated incident webpage for updates, while the Strategic Communications and Marketing team continues to monitor the situation.