Data breach in the Canvas learning platform - incident resolved
Canvas was recently the target of a data breach in which data such as names, email addresses and the content of private messages was leaked.
Update 13 May
The incident has now been resolved. The integration between Ladok and Canvas is back up and running, but there may be a slight backlog that will be cleared over time.
The incident
Karolinska Institutet uses the learning platform Canvas, a cloud-based service for providing information and facilitating communication about programmes and courses. The platform is used by thousands of educational institutions around the world, and other Swedish higher education institutions that use the service are also affected.
Instructure, the company behind Canvas, has confirmed that personal data such as names, email addresses, student IDs and the contents of private messages (Canvas inbox) have been exposed. There is no indication that any passwords have been leaked.
Ladok and Canvas
The integration between Ladok and Canvas was disabled, which means that no data was transferred between the systems. This is to minimise the risk of disruptions in Ladok. Integration is now enabled again.
Recommendation to users
As a general precaution, please be wary of suspicious emails or other attempts to contact you.
More information
- Support Canvas - digital learning
- Updates from Instructure
- Updates from Sunet (information in Swedish)