On May 1, 2026, Instructure, the maker of UC Riverside’s learning management system Canvas, reported that it experienced a cybersecurity incident perpetrated by a threat actor. As of May 2, they believe the incident has been contained. This is a nationwide issue affecting thousands of higher education institutions. The University of California Office of the President (UCOP) is in close communication with Instructure and is actively coordinating with the UCR Information Security Office to monitor the situation.
Instructure is providing status updates on its website. We will share updates with the Highlander community on this page as new information emerges. You may also visit the TechAlerts page for updates.
Latest Update
May 13, 2026
5:00 PM
UCR’s instance of Canvas is fully operational and secure to use. Students and faculty resumed instructional activities in Canvas on May 9, 2026.
Instructure, the maker of Canvas, has informed UCR that user credentials, grades, developer keys, and other core learning data were not compromised. Instructure is finalizing a full audit of the attack and will share a UCR-specific data impact report, including exact data fields, resource types, and user-level rows. This process will take several weeks.
According to the status update provided by Instructure, they have reached an agreement with the unauthorized actor involved in this incident. As part of that agreement:
- The data was returned to Instructure.
- Instructure received digital confirmation of data destruction (shred logs).
- This agreement covers all impacted Instructure customers, including UCR.
UCR Information Technology Solutions is committed to actively monitoring the situation and continuing our holistic security assessment of the incident. Most importantly, we are diligently working to ensure that the Highlander community maintains secure access to Canvas.
May 9, 2026
1:35 PM
Canvas access has been restored following a security assessment of the system. Thank you for your patience while we worked to ensure that the system is ready.
The preliminary review was performed by a third-party cybersecurity vendor and reviewed by the UC Office of the President and each campus’s Chief Information Security Officer. While the assessment has provided the assurance needed to restore access to Canvas, a holistic review is underway.
Students and faculty may now resume instructional activities in Canvas by logging into the central authentication system with their UCR NetID and using Duo multi-factor authentication.
May 8, 2026
4:20 PM
UC Riverside is continuing to follow the University of California Office of the President’s directive to disable local access to Canvas until we are confident the system is secure. While we work to restore access to Canvas, students should continue to attend their regularly scheduled classes.
UCOP has allowed UC Berkeley and UC Merced to restore Canvas service today, to support critical operations for finals and to test the return to service for the UC at large. UCR currently anticipates full restoration of service by Monday, May 11th, pending final leadership approval and security reviews. Any changes to this expected timeframe will be communicated via Scotmail.
Instructional continuity guidance for faculty is available in the Instructional Continuity page in Teaching@UCR. Faculty members will find this information and more in ITS' email communication.
Where To Get Help
XCITE Center for Teaching and Learning: Instructors may contact XCITE (xcite@ucr.edu or 951-827-2612) if they need help with pedagogical strategies during this disruption or if they need support with the use of academic technologies.
Information Technology Solutions (ITS): Highlanders may contact ITS if they need technical assistance, encounter login issues, or need to report information security concerns. To request IT support, please submit a ticket or call BearHelp at (951) 827-4848 Monday through Friday, 8:00 am to 5:00 pm.
9:25 AM
You may have received news from Instructure, the parent company of Canvas (eLearn), that the platform is now fully operational. Following the University of California Office of the President’s directive, Canvas (eLearn) access will not be restored until we are confident the system is secure. We understand this disruption is concerning. UCR Information Technology Solutions is continuing to monitor the situation and are evaluating next steps in coordination with the campus leadership. Protecting the personal and institutional information entrusted to the university remains our highest priority.
Instructure recently published answers to common questions about the incident and its known impact. For the most recent updates on this incident, please refer to this page and the TechAlerts page or Instructure’s Status page. The UC Office of the President is also providing updates to the UC community as the situation evolves.
We will share updates again later today with the Highlander community as we learn more. To request IT support, please submit a ticket or call BearHelp at (951) 827-4848 Monday through Friday, 8:00 am to 5:00 pm.
May 7, 2026
Instructure’s latest update confirms that Canvas states they are under maintenance. They are communicating directly with impacted customers to provide organization-specific information and support.
UCR Information Technology Solutions urges Highlanders to remain vigilant and be cautious of phishing attempts. Watch for unexpected messages that seem to come from UC Riverside. The university will never ask for passwords, Social Security numbers, birthdates, or bank account information through email, text, or phone calls.
Protect yourself from cybercriminals by practicing cybersecurity best practices.
Let us help you with your search