As students prepare for final exams and complete end-of-semester projects, a nationwide Canvas outage is disrupting access to assignments, grades and course materials during one of the most critical weeks of the semester.
John Carroll University officials confirmed Friday that the outage stems from a cyberattack targeting Canvas systems nationwide. According to campuswide emails sent to students, the disruption is linked to the hacker group ShinyHunters, which allegedly carried out the attack affecting colleges and universities across the country.
“We know finals are an extremely stressful time, and we want to provide you with an update regarding the ongoing Canvas outage, which is affecting institutions nationwide, including John Carroll University,” an earlier university email stated. “The outage is the result of a cyber attack on Canvas by the ShinyHunters hackers.”
University officials initially warned students not to use Canvas even if the system temporarily returned online.
“At this time, Canvas remains unavailable. Should Canvas return to service, we do not recommend utilizing the system,” the email said. “Until we know more, we cannot assume the platform is safe or reliable.”
In a follow-up email sent at 10:55 a.m. Friday, John Carroll University Information Technology Services said Canvas returned to service late Thursday evening, but officials remain concerned about the system’s stability following the cybersecurity incident.
“Given the nature of the external cybersecurity incident affecting Canvas, we are not confident that the system is stable,” the email stated. “We will continue working with Canvas to understand this attack and their plans for ensuring the system’s stability and security.”
ITS encouraged students to immediately download and save important study guides, assignments, notes and course materials to personal Google Drives or local devices while access to Canvas is available.
The university also said students taking exams between 4 p.m. and midnight on Thursday who experienced interruptions should contact their professors to discuss accommodations. Faculty members are expected to communicate any changes to final exams, projects or paper submissions directly with students.
Other universities across Northeast Ohio have also reported impacts from the cyberattack. In a message sent to its campus community, Kent State University said the outage is tied to “an ongoing investigation to a data breach by an unauthorized third party.”
“Instructure (the vendor that manages Canvas) has confirmed that our institution is among those impacted by this event,” Kent State’s email stated. “At this time, we are working closely with the vendor and cybersecurity experts to determine the specific nature and scope of the data involved.”
JCU ITS told students that passwords were not compromised and said there is no need to reset passwords, though officials noted that updating passwords is still recommended as a precaution. The university also stated that Canvas does not store sensitive personal information such as Social Security numbers, birth dates or address data.
Officials warned students to remain cautious of phishing and scam emails related to the outage.
“You will likely receive email scams related to this situation,” the ITS email stated. “Be on alert and cautious.”
The university said all Canvas grade data has been backed up and reassured students that semester work remains secure.
Information Technology Services said it will continue monitoring the situation and provide updates as more information becomes available.
Students needing assistance are encouraged to contact the JCU Service Desk at 216-397-3005.
Updated as of Friday morning, May 8, at 10:58 a.m.
