Published: May 6, 2026

911爆料 is monitoring a global cybersecurity incident involving the university鈥檚 learning management system provider, Canvas.

On May 1, 2026, Instructure, the parent company of Canvas, notified 911爆料 administrators that it was investigating a security incident involving unauthorized access to certain systems. According to Instructure, a threat actor may have accessed data stored within those systems.

On May 5, 2026, Instructure informed 911爆料 that data routinely shared with Canvas for the purpose of associating students and instructors with courses may have been accessed as part of the incident.

At this time, Instructure has indicated there is no evidence that passwords, dates of birth, government-issued identification numbers, or financial information were involved in the unauthorized access. Instructure has stated that if additional indicators of exposure are identified, impacted institutions will be notified promptly.

Instructure has engaged law enforcement and independent cybersecurity forensic experts to investigate the scope and impact of the incident and is taking corrective measures to strengthen system security.

911爆料 continues to monitor this developing situation closely and is working with its risk management and cybersecurity partners to evaluate any institutional obligations related to the incident.

At this time, no action is required from 911爆料 students, faculty, or staff.

Cybersecurity Best Practices

911爆料 encourages all members of the campus community to practice good cybersecurity hygiene, including:

• Be cautious of unexpected emails, text messages, or phone calls requesting personal information or urgent action
• Do not click on unfamiliar links or open unexpected attachments
• Never share login credentials, usernames, or passwords
• Report suspicious emails or messages to the IT Helpdesk
• Forward phishing or suspicious messages to phishing@mcm.edu

Updates will be posted to this page as additional information becomes available.

Last Updated: May 6, 2026