The University of Illinois has postponed all final exams and assignments scheduled for the next several days following a global cyberattack on a popular classroom software.
In a letter to students and staff at the university, Provost John Coleman wrote that everything from a final exam to a paper to a project scheduled for Friday, Saturday or Sunday would be postponed — even those that don’t use Canvas. Next steps beyond that were still being discussed, but more details were expected to be released by noon Sunday.
It was not immediately clear if additional exams or assignments would be impacted next week.
Canvas is used by schools and universities to manage grades, course notes, assignments, lecture videos and more.
“Illinois is one of thousands of universities currently experiencing the same issue. Technology and academic leaders are communicating with our peer institutions as we explore options for next steps,” Coleman wrote. “I understand this situation adds new stress and uncertainty to the end of the academic year, and I thank you for your patience as we work through this disruption.”
The hacking group named ShinyHunters claimed responsibility for the breach at Canvas, said Luke Connolly, a threat analyst at the cybersecurity firm Emisoft. Instructure, the company behind Canvas, didn’t immediately respond to a request for comment or questions about whether the system was taken down as a precaution or because the hackers knocked it offline.
The hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed, Connolly said.
According to Coleman, some users also “viewed a message as part of the cybersecurity incident that contained malicious website links and other contact points.”
“It is important to not click or visit these links as they can also be sources of malware or potential compromise,” he wrote.
Connolly said the Canvas attack is strikingly similar to a breach at PowerSchool, which also offers learning management tools. In that case a Massachusetts college student was charged.
Connolly described ShinyHunters as a loose affiliation of teenagers and young adults based in the U.S. and the United Kingdom. The group also has been tied to a other attacks, including one aimed at Live Nation’s Ticketmaster subsidiary.
Universities and school districts quickly began notifying students and parents.
A student at the school said the issues with the software come at a highly stressful time: the day before finals start.
U of I warned late Thursday that “users may hear that Canvas is available,” but “should not attempt to access the Canvas at Illinois or Canvas Catalog system until official university direction is provided through formal communication methods.”
Other Midwest schools also issued alerts.
“This is being reported as a national-level cyber-security incident,” the University of Iowa’s director of information technology wrote in announcing that the school’s online system was down. “Hopefully we will have a resolution soon.”
Sean Reynolds, Vice President for Information Technology and Chief Information Officer for Northwestern University, said the school’s IT office was aware of the issue and monitoring it.
“The vendor has confirmed it is aware the site is unavailable, and we can also confirm that other institutions are experiencing a similar impact. While we don’t have an estimated restoration time from the vendor, please know this incident is not impacting other information technology infrastructure at Northwestern,” Reynolds said.
The University of Illinois Chicago said it was “aware” of the issue but noted “no other university systems are impacted by this incident.”
On Friday Morning, Dominican University said Canvas appeared to be restored and it did not appear the university’s “internal systems” or network were impacted.
