UvA to reopen Canvas from Wednesday morning
Students and staff will be able to use the digital learning system Canvas again from Wednesday. The UvA announced this in an update. The platform had been offline for several days following a cyberattack in which UvA data was also stolen.
The digital learning environment Canvas will once again be accessible to UvA students and staff from Wednesday morning, the university announced. The platform had been offline and inaccessible since Thursday, making it more difficult for students to access required study materials and submit assignments.
Canvas was taken offline after Instructure, the company behind the learning platform, was hit by a large-scale cyberattack. Cybercriminals from the international hacking group ShinyHunters – previously responsible for the hack of telecom provider Odido – gained access to the company’s systems. In total, around 3.65 terabytes (3,650 gigabytes) of data were stolen, reportedly amounting to approximately 275 million data records from nearly 9,000 educational institutions worldwide.
Back online
The university now considers it “responsible to make Canvas available again.” As a result, Canvas will be accessible again to UvA students and staff from Wednesday 13 May at 9:00 a.m. According to the university, the security of systems can “never be guaranteed 100 percent,” but Canvas provider Instructure has confirmed that the data obtained during the hack has now been secured.
The UvA says it is doing everything possible to ensure the relaunch proceeds “quickly and smoothly”: “In the meantime, we are of course remaining extra alert to suspicious activity and are monitoring the operation and security of Canvas especially closely, so that we can intervene quickly if necessary.”
Temporarily shut down
Instructure originally reported the data breach on 1 May. On 6 May, the company announced that data belonging to UvA students, lecturers, and staff was also involved in the breach. A day later, Instructure stated that the hackers no longer had access to the system, but this later turned out to be incorrect. Once it became clear that the hackers still had access to Canvas, the seven affected Dutch universities decided to temporarily take the platform offline. Lecturers were advised to make study materials available through alternative channels and to be flexible with deadlines.
Yesterday, Instructure announced in a statement that the company had reached a deal with the hackers. According to Instructure, the stolen data has now been deleted. It remains unclear whether the company paid a ransom for the deletion, as demanded by the cybercriminals.
