{"id":17165,"date":"2026-05-17T22:40:48","date_gmt":"2026-05-17T22:40:48","guid":{"rendered":"https:\/\/globalnewstoday.uk\/index.php\/2026\/05\/17\/grcc-among-institutions-affected-by-canvas-cybersecurity-incident-the-collegiate-live\/"},"modified":"2026-05-17T22:40:48","modified_gmt":"2026-05-17T22:40:48","slug":"grcc-among-institutions-affected-by-canvas-cybersecurity-incident-the-collegiate-live","status":"publish","type":"post","link":"https:\/\/globalnewstoday.uk\/index.php\/2026\/05\/17\/grcc-among-institutions-affected-by-canvas-cybersecurity-incident-the-collegiate-live\/","title":{"rendered":"GRCC among institutions affected by Canvas cybersecurity incident &#8211; The Collegiate Live"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Grand Rapids Community College was among the institutions affected by a recent cybersecurity incident involving Instructure, the parent company of Canvas. Instructure confirms that usernames, email addresses, course names, enrollment information, and messages were involved in the security incident.\u00a0<\/span><br \/><span style=\"font-weight: 400;\">Canvas is the learning management system GRCC began using in the fall of 2025, making the switch from Blackboard. Canvas is used schoolwide for coursework, grades, assignments, and communication between students and instructors. Instructure owns and operates Canvas, meaning the incident involved a third-party vendor used by GRCC. GRCC\u2019s own internal systems were not breached, according to the college\u2019s communications.\u00a0<\/span><br \/><span style=\"font-weight: 400;\">Instructure said that course content, submissions, and credentials were not compromised, and GRCC Communications stated in a school-wide email that, \u201cAccording to Instructure, unauthorized access to certain account-related data occurred. At this time, they have stated there is no indication passwords, dates of birth, government identifiers, or financial information were involved.\u201d\u00a0<\/span><br \/><span style=\"font-weight: 400;\">While Canvas remains operational, questions remain about the specific impact the cybersecurity incident has on GRCC. GRCC\u2019s communication shifted over the course of a week as Instructure released more information about the incident:<\/span><span style=\"font-weight: 400;\"><br \/> <\/span><br \/><span style=\"font-weight: 400;\">On May 6, GRCC sent a communication informing the school that it had been notified of a security breach involving Instructure, but had not been informed of any direct impact to GRCC.\u00a0<\/span><br \/><span style=\"font-weight: 400;\">On May 8, GRCC said Instructure confirmed that GRCC was among the impacted institutions. GRCC explained that unauthorized access included \u201ccertain account-related data,\u201d but there was no indication that passwords, dates of birth, government IDs, or financial information were accessed. The college also connected a Canvas outage on May 7 to the incident. \u201cPlease note that yesterday\u2019s Canvas outage was a direct result of Instructure\u2019s cleanup and containment efforts related to this incident,\u201d GRCC Communications wrote.<\/span><br \/><span style=\"font-weight: 400;\">On May 12, GRCC Communications said Instructure reached an agreement with the perpetrators and said compromised data was returned and destroyed.\u00a0<\/span><br \/><span style=\"font-weight: 400;\">\u201cInstructure has informed us that all compromised data was never released publicly, has been returned in connection with its agreement, and copies of the compromised data have been destroyed,\u201d GRCC Communications stated.<\/span><br \/><span style=\"font-weight: 400;\">The same update said GRCC\u2019s exact data set hadn\u2019t been confirmed. GRCC Communications said, \u201cAlthough our exact data set was not confirmed by Instructure, they stated there is no indication passwords, dates of birth, government identifiers, or financial information were involved.\u201d<\/span><br \/><span style=\"font-weight: 400;\">On May 14, Instructure released a broad update on its website, giving more details about the types of information involved in the incident. \u201cThe data fields involved include information like usernames, email addresses, course names, enrollment information, and messages. Core learning data (course content, submissions, credentials) was not compromised. We&#8217;re still validating all findings, but we want to be clear about what we understand was and wasn&#8217;t affected,\u201d Instructure said.\u00a0<\/span><br \/><span style=\"font-weight: 400;\">GRCC\u2019s updates have not yet identified how many users were affected, what GRCC-specific data was accessed, or whether private Canvas messages between students and instructors were included in the compromised data.\u00a0<\/span><\/p>\n<p><a href=\"https:\/\/news.google.com\/rss\/articles\/CBMipwFBVV95cUxObVFWTmVaUmE2QTBxc241ZnZUT2VyLUNLdnY3YXRMQzRfeTk3NDIwVFlwNXJ4czBtMTl2WnBKeUFQajE3dDFOM2RRYUJhVlRyY3BqOGRJaWUyNjctMGh4OEJ0aFZtME9zTFJFZVJSMmo5VlAyUXExUG5CRXVoMHdnVmxubXh3WUNTbEtqbkpUaUdvTmxwQzhadzc1aWZoZG41dzRLY3E1UQ?oc=5\">source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Grand Rapids Community College was among the institutions affected by a recent cybersecurity incident involving Instructure, the parent company of Canvas. Instructure confirms that usernames, email addresses, course names, enrollment information, and messages were involved in the security incident.\u00a0Canvas is the learning management system GRCC began using in the fall of 2025, making the switch [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":17166,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-17165","post","type-post","status-publish","format-standard","has-post-thumbnail","category-technology"],"_links":{"self":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts\/17165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/comments?post=17165"}],"version-history":[{"count":0,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/posts\/17165\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/media\/17166"}],"wp:attachment":[{"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/media?parent=17165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/categories?post=17165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/globalnewstoday.uk\/index.php\/wp-json\/wp\/v2\/tags?post=17165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}