Canvas outage persists for some Chicago and Illinois colleges, sending student scrambling before finals
The Canvas outage has stretched into a second day, leaving students and teachers in the Chicago and Illinois university systems scrambling amid the end of the spring semester.
The digital learning platform that is heavily relied upon by students and staff alike abruptly went offline Thursday afternoon amid a cyberattack and ransom demands.
The University of Illinois sent out an email to faculty, staff and students, writing in part, "Canvas, our learning management system, is offline due to an ongoing cybersecurity incident." Later that night, U of I Urbana-Champaign announced they would postpone all final exams and assignments scheduled for Friday, Saturday or Sunday, including for classes that don't use Canvas.
Some schools are slowly regaining access to the platform. University of Illinois Chicago was also impacted, but by Friday morning the school said the system was back online and students and faculty could return to using Canvas.
"We are still collaborating with Instructure to better understand the incident and any potential impacts it may have. Although Instructure has not indicated any ongoing risks, Technology Solutions is developing backup plans in case another issue arises," UIC wrote in a letter to the community.
Canvas is still down at Northwestern University Friday morning. The school said they are in conversation with "other institutions, security experts and the vendor" to determine the next steps for reconnecting the platform.
The cloudy-based digital classroom system is used at more than 8,000 institutions and has nearly 30 million users. Students and faculty use it for notes, study guides and even actual final exams.
The cyberattack came days before or in some cases during final exams, as colleges began closing their spring semesters. The long-term impact of the attack and outage on finals, graduation and more was not immediately clear.
Instructure released a statement Friday morning saying an "unauthorized actor" in the incident made changes to pages that appeared to students and teachers when they were logged into their Canvas platforms. The company said they took Canvas down "out of an abundance of caution," and said the hacker used an issue related to their Free-For-Teacher accounts to conduct the cyberattack.
"As a result, we have made the difficult decision to temporarily shut down our Free-For-Teacher accounts," the company said in their statement. "This gives us the confidence to restore access to Canvas, which is now fully back online and available for use. We regret the inconvenience and concern this may have caused."
Whether the platform being back online overall meant it is now accessible at all Chicago area and Illinois colleges and universities was not immediately clear.
At 10 a.m., the University of Illinois said their cybersecurity professionals and university leadership were still continuing to evaluate the risks of bringing Canvas back online for the school community and had not yet made a decision. They said further updates will come through the day.
Northwestern said they would have their next update to the campus about Canvas at 11:30 a.m.
