Instructure, the provider of IMD’s learning portal Canvas, has reported a data security breach affecting thousands of university clients worldwide.
According to Instructure, usernames, email addresses, course names, enrollment information and messages within Canvas may have been obtained by a third party, but there is no evidence that user credentials, such as passwords, have been compromised. Instructure has confirmed that Canvas is fully operational and safe to use. IMD’s own IT infrastructure has not been affected.
IMD remains in close contact with Instructure and continues to monitor their communication. Instructure has set up a dedicated page to provide updates: https://www.instructure.com/incident_update
Due to the heightened risk of phishing that may result from this Instructure incident, IMD encourages users to follow these guidelines:
- Do not click on any links unless you are confident they are genuine.
- Stay alert to any suspicious emails or messages which may appear to come from trusted organizations including IMD, Instructure or Canvas, or which may attempt to threaten or coerce. IMD will never ask for a password by email or message.
- Verify requests for personal or financial information independently.
- Ensure that software is up to date and anti-virus software is installed on all work devices (including mobile devices).
- Report any suspicious messages to the IMD IT security team at [email protected]
