Instructure/Canvas
Cybersecurity Event 

Information on Instructure/Canvas Cybersecurity Event

Colorado College has been notified by Instructure, the parent company of Canvas, that the College is among thousands of institutions affected by a widespread cybersecurity event. Canvas serves as Colorado College’s learning management system.

At this time, this was a third-party vendor, nationwide event, and no other CC systems have been impacted. Instructure has informed CC that it has taken steps to secure the Canvas platform, remediating the underlying vulnerability.

ITS and our cybersecurity partners are actively working with Instructure to determine the scope of information involved. The College will continue to monitor the situation and will provide updates and outreach to potentially impacted parties as additional information becomes available.

As is common following any cybersecurity incident, people may be more vulnerable to phishing attempts. Attackers often impersonate coworkers, leaders, vendors, or friends to lower your guard and create urgency. We encourage everyone to remain vigilant and follow basic cybersecurity practices. Before clicking links, opening attachments, sending money, or sharing information, pause and verify the request through a separate trusted channel, especially if the message feels unusual, rushed, or unexpected. Suspicious messages should be reported to ITS via the “Phish Alert” button.