DENVER, Colo. — A cyberattack on Canvas, the online learning platform used by universities nationwide, knocked the system offline Thursday, during one of the busiest times of the academic year.
Several Colorado students were racing to meet deadlines as final exams and papers came due. Many rely on Canvas daily to submit assignments and track coursework.
Hear how this cyberattack impacted students and the not-so-typical homework it is spurring them to do to protect their online accounts.
"I was online with my friends, and they were saying, 'Oh, it got like hacked by this odd company,' and so I was like, 'You're kidding.' It was so stupid that they did it right before finals week," said Grace Gallison, student at CU Denver.
For other students, like Caden Rickher, he said this shutdown was really badly timed and caused a real problem, as students could not access anything through the online system.
"Some of the teachers weren't even fully aware of it at the time, so we had to email them personally and say, 'Hey, like, I can't turn in my assignment today because of the fact that Canvas is down' and they had to extend deadlines, which was really annoying," Rickher said.
Rodney Gullatte Jr., a certified ethical hacker and CEO of Firma IT Solutions, explained how attackers identified Canvas as a high-value target.
"The way they try to run this is like, how can we find a dependency between all the schools? What are they all connected to that we can then hack and hold them all hostage? Canvas is the core," Gullatte said.
Gullatte warned that the Canvas attack is not an isolated incident and that educational institutions should expect more.
"What's coming next — the hackers going after the schools directly, and this is not just colleges and universities, but school districts, any type of educational institution... They're going to come after your own networks, which have a bigger treasure trove of personal information," Gullatte said.
He said the stakes extend well beyond disrupted coursework, with sensitive personal data now potentially at risk.
"Now we're talking about financial data. Now we're talking about Social Security numbers and insurance information. They're going to get all that information," Gullatte said. "Right now, there's emails going out that say that from your professor, 'Hey, click on this link real quick,' It's not real. Don't click on that link."
Canvas has since been restored, with students expressing relief, but also concern over how their personal information may now be compromised.
"I checked this morning, thankfully, plenty of my assignments I got in today," Cavraro said. "I'm really happy about that."
"I definitely want to change my password and make sure that I have different passwords on all of my accounts, because I think that's a big thing is that if they get your one password for one school account, if that's the same for the rest of it, they just have access," Gallison said.
Gullatte said the attack is a reminder for users to take steps to protect their accounts. He recommended using different passwords across all accounts and enabling two-factor authentication, and he wrote an article detailing the overall impact of this cyberattack.
This story was reported on-air by a journalist and has been converted to this platform with the assistance of AI. Our editorial team verifies all reporting on all platforms for fairness and accuracy.
