Skip To Main Content

Toggle Close Container

Mobile Search

Utility Nav - Mobile

District Schools Mobile

District Home Link

Mobile Main Nav

     

Header Holder

Logo Container

Header Right Column

Utility Nav - Desktop

District Home Link

Schools Nav Desktop

Search

Toggle Menu Container

Horizontal Nav

Breadcrumb

National Canvas incident Update

Post RSS Feeds
Updated

For the latest information about the Canvas data breach, please see this page: https://www.instructure.com/incident_update

 

UPDATE (May 8, 9 p.m.)

Dear families and employees:

We want to provide you with an update regarding the cybersecurity incident involving Instructure Inc., the parent company of Canvas.  Canvas has notified public school systems and universities across the country of a widespread cybersecurity event. Roanoke County Public Schools, like many institutions, uses this educational administration software. This situation is limited to Canvas systems and has not impacted our division’s internal IT systems.

Some students and staff may have seen a message related to this situation when attempting to log into the Canvas system yesterday. Canvas took its systems offline, as a precaution, and Roanoke County Public Schools also temporarily disabled Canvas access for our students and staff. Students will not be penalized for any missed or late assignments due to the outage.

As of this morning, Canvas indicated it has fixed the issue and restored access. Roanoke County Public Schools restored our access to Canvas earlier this afternoon.

Instructure has informed us that it has taken steps to secure the Canvas platform, engaged third-party cybersecurity experts to conduct an investigation, and is working closely with law enforcement.

Because the investigation is being conducted by Canvas, they are managing all aspects of that process, and we are not directly involved in the full scope of their investigation at this time. Canvas is used as an educational platform, and any information about your student would be limited to basic account information, such as their name, email address, student ID, and coursework-related information.

Roanoke County Public Schools takes the privacy of our students’ and staff information very seriously. We are working to ensure that Canvas directly notifies those impacted of the details of any information involved.

Thank you for your patience as we continue to work through this matter. We are committed to keeping you informed. 

 

-------------------------------------

 

UPDATE (May 7, 8 p.m.):

As we shared earlier today, we are aware of concerns surrounding a cybersecurity incident involving a third-party software provider, Instructure Inc., an international provider of education administration software, that RCPS utilizes through its program, Canvas.  As of this evening, we understand that thousands of public-school systems and universities have been impacted by Canvas’ incident. 

We also are aware that some of our users may have seen a message today related to this incident on their computers when they logged into the Canvas system.  We ask that you not engage with that message.

We have temporarily disabled Canvas access for RCPS students and staff while Canvas works to investigate this incident.  Students will not be penalized for any missed or late assignments due to this outage. 

To be clear, this security incident impacts Canvas’ systems and not RCPS’ internal IT systems.

Because the investigation is being conducted by Canvas, we are not directly involved in or privy to all aspects of that investigation at this time.  Canvas is used as an educational platform and any information about your student would be limited information such as their name, email address, student ID, and course work related information. 

RCPS takes the privacy of our students’ information very seriously.  We are working to ensure that Canvas directly notifies those impacted with the details of any information impacted.

Thank you for your patience as we continue to work through this matter.  We are committed to keeping you informed.

 

-------------------------------------

original message

-------------------------------------

Earlier this week, Instructure Inc., an international provider of education administration software, announced that it had suffered a cybersecurity incident in late April affecting Canvas.  Although security of the Canvas systems has been restored, data pertaining to students and educators at hundreds of school systems and universities around the country were subjected to unauthorized access.  The breach was limited to the Canvas internal systems, and security of individual school system networks was not disturbed.

Roanoke County Public Schools utilizes some Canvas tools.  Canvas has agreed to identify the scope of impact this incident may have had on information pertaining to members of our community.  Canvas has assured us that they are investigating the matter. 

Roanoke County Public Schools takes the privacy of our students’ and employees’ information very seriously.  We are committed to holding Canvas accountable.  We are working with Canvas to ensure Canvas is responsible for directly notifying any impacted individuals with details of the information pertaining to him or her that was affected.  Roanoke County Public Schools has not been provided with details on what information was exposed for specific individuals.