The Cyber Security Agency of Singapore logo. (File photo: CNA/Calvin Oh)

Education platform Canvas hit by cyberattack; CSA offering assistance to affected organisations

The Singapore Institute of Management (SIM) said it was affected by the breach at Canvas, causing “inconvenience and concern” to its students and faculty.

· CNA · Join

Read a summary of this article on FAST.
Get bite-sized news via a new
cards interface. Give it a try.
Click here to return to FAST Tap here to return to FAST
FAST

SINGAPORE: The Cyber Security Agency of Singapore (CSA) said on Friday (May 8) that it had contacted affected organisations to provide support and guidance on mitigation steps, after education platform Canvas was hit by a cyberattack.

Canvas, used by schools, colleges and universities for grades and course materials, and owned by US edtech company Instructure, went down on Thursday, blocking student access.

"We have reached out to affected organisations to offer assistance and provide advice on mitigation measures," said CSA, adding that it was "monitoring the situation".

The Singapore Institute of Management (SIM), in response to CNA’s queries, confirmed it was affected by the Canvas breach, causing “inconvenience and concern” to its students and faculty.

CNA Games

Guess Word
Crack the word, one row at a time

Buzzword
Create words using the given letters

Mini Sudoku
Tiny puzzle, mighty brain teaser

Mini Crossword
Small grid, big challenge

Word Search
Spot as many words as you can
 Show More
Show Less

"We are aware of the ongoing disruption affecting access to the Canvas learning platform, which is impacting academic institutions globally," SIM said. 

"The incident occurred within the environment of Instructure, and we understand the inconvenience and concern this has caused our students and faculty."

In the meantime, SIM said it will put in place temporary arrangements. These include sending of Zoom lesson links directly to students, while deadlines for quizzes and assignments due during this period may be extended.

SIM added that keeping classes running and protecting its community’s information remained its top priorities.

CNA has contacted the Singapore University of Social Sciences (SUSS), NTUC Learning Hub, the National University of Singapore (NUS) and Kaplan to ask if they have been similarly affected by Canvas breach.

In a statement on its website, Instructure confirmed on Friday that the system was "fully back online and available for use".

The company said it first detected "unauthorised activity" in Canvas on Apr 29, prompting an investigation and the hiring of outside forensic experts.

"On May 7, 2026, we identified additional unauthorised activity tied to the same incident. The unauthorised actor made changes to the pages that appeared when some students and teachers were logged in through Canvas," it added.

"Out of caution, we temporarily took Canvas offline into maintenance mode to contain the activity, investigate, and apply additional safeguards."

Instructure said the Apr 29 incident resulted in a data leak involving certain users’ personal information at affected organisations, including names, email addresses, student identification (ID) numbers and messages between Canvas users.

"We have found no evidence that passwords, dates of birth, government identifiers, or financial information were involved."

The firm has since taken steps to enhance cybersecurity, including temporarily shutting down its Free-for-Teacher accounts after linking them to the incident, and revoking “privileged credentials and access tokens”, among other measures.

Instructure added it had alerted US law enforcement, including the Federal Bureau of Investigation (FBI), over the incident and would continue to monitor the situation closely.

The hacking group named ShinyHunters claimed responsibility for the breach at Canvas, said Luke Connolly, a threat analyst at cybersecurity firm Emsisoft,

Connolly described ShinyHunters as a loose affiliation of teenagers and young adults based in the US and the United Kingdom. 

The group also has been tied to other attacks, including one aimed at Live Nation’s Ticketmaster subsidiary.

Source: CNA/sn

Sign up for our newsletters

Get our pick of top stories and thought-provoking articles in your inbox

Subscribe here

Get the CNA app

Stay updated with notifications for breaking news and our best stories

Download here

Get WhatsApp alerts

Join our channel for the top reads for the day on your preferred chat app

Join here

Related:

Canvas system used by thousands of schools is back online after a cyberattack disrupted studiesA hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed, said a cybersecurity firm threat analyst.08 May 2026Education tool Canvas hacked, multiple US college newspapers reportLOS ANGELES: Education tool Canvas, used by schools, colleges and universities for grades and other class materials, was hacked, blocking students from accessing the application, multiple college student newspapers reported on Thursday (May 7).The Harvard Crimson reported that students could not gain access t08 May 2026