May 8, 2026
Rockingham County Schools Staff and Families,
As we continue to monitor the Instructure Canvas security incident, we will share any new information we receive. The safety and security of our students and user information remains our top priority. Therefore, access to Canvas has been removed for all users at this time.
We do not recommend that parents or guardians log in through the Canvas app or the online parent portal until we can confirm that the platform is secure.
Our schools are working to provide alternative methods for submitting assignments and continuing instruction during this time. We are also working with the state and our technology partners to monitor the situation and determine next steps. Below is a message we received from Instructure regarding our district data.
Thank you for your patience and understanding.
INSTRUCTURE
We are writing to inform you of a significant update in a recent Canvas security incident that specifically impacted your institution.
On May 7, an unauthorized actor made changes to the pages that appeared when some students and teachers were logged in. We quickly identified this unauthorized activity and immediately took steps to contain it, including temporarily taking Canvas offline into maintenance mode as a precaution to prevent further unauthorized access. Working in coordination with our independent forensics partner, we have found no evidence that the unauthorized actor established persistence, obtained credentials for accounts within your institution, or exfiltrated any additional data.
Additionally, we have confirmed that the unauthorized actor carried out this activity by exploiting an issue related to our Free-For-Teacher accounts. The entry point for the incident last week was also through the Free-For-Teacher accounts. As a result, we have made the difficult decision to temporarily shut down our Free-For-Teacher accounts.
This decision was not made lightly. Our priority is to protect all Canvas users and ensure the platform's security and integrity. Free-For-Teacher accounts have been a core part of our platform and we are committed to resolving the issues with these accounts. While we work through these issues, shutting down our Free-For-Teacher accounts gives us the confidence to restore access to Canvas, which is now fully back online and available for use.
We are working around the clock to resolve this matter, provide you with transparency about this incident, and deliver the best educational experience possible. We will continue to keep you informed as more information becomes available. Please visit http://www.instructure.com/incident_update for the latest updates.
Sincerely,
Steve Daly
Chief Executive Officer
Instructure
As we continue to monitor the Instructure Canvas security incident, we will share any new information we receive. The safety and security of our students and user information remains our top priority. Therefore, access to Canvas has been removed for all users at this time.
We do not recommend that parents or guardians log in through the Canvas app or the online parent portal until we can confirm that the platform is secure.
Our schools are working to provide alternative methods for submitting assignments and continuing instruction during this time. We are also working with the state and our technology partners to monitor the situation and determine next steps. Below is a message we received from Instructure regarding our district data.
Thank you for your patience and understanding.
INSTRUCTURE
We are writing to inform you of a significant update in a recent Canvas security incident that specifically impacted your institution.
On May 7, an unauthorized actor made changes to the pages that appeared when some students and teachers were logged in. We quickly identified this unauthorized activity and immediately took steps to contain it, including temporarily taking Canvas offline into maintenance mode as a precaution to prevent further unauthorized access. Working in coordination with our independent forensics partner, we have found no evidence that the unauthorized actor established persistence, obtained credentials for accounts within your institution, or exfiltrated any additional data.
Additionally, we have confirmed that the unauthorized actor carried out this activity by exploiting an issue related to our Free-For-Teacher accounts. The entry point for the incident last week was also through the Free-For-Teacher accounts. As a result, we have made the difficult decision to temporarily shut down our Free-For-Teacher accounts.
This decision was not made lightly. Our priority is to protect all Canvas users and ensure the platform's security and integrity. Free-For-Teacher accounts have been a core part of our platform and we are committed to resolving the issues with these accounts. While we work through these issues, shutting down our Free-For-Teacher accounts gives us the confidence to restore access to Canvas, which is now fully back online and available for use.
We are working around the clock to resolve this matter, provide you with transparency about this incident, and deliver the best educational experience possible. We will continue to keep you informed as more information becomes available. Please visit http://www.instructure.com/incident_update for the latest updates.
Sincerely,
Steve Daly
Chief Executive Officer
Instructure