|
Dear Colleagues,
I am writing to provide an update on the recent cybersecurity incident involving Instructure/Canvas.
Based on the interim assessment conducted by CrowdStrike, the third-party cybersecurity firm engaged by Instructure in response to the incident, the North Carolina Department of Public Instruction (NCDPI) has been informed by Instructure that the Canvas environment throughout the nation and here in North Carolina has no ongoing signs of compromise.
As a result, NCDPI will return Canvas services to normal operations at 4 p.m. on Monday, May 11, 2026.
NCDPI will continue to monitor the environment closely and remain in communication with Instructure as CrowdStrike completes additional forensic review. If new information emerges that impacts risk assessments or operational guidance, updates will be communicated promptly.
We encourage you to make local operational decisions based on your individual continuity needs and local circumstances. If you choose not to enable your public school unit’s (PSU) instance of Canvas, your technology director has been given instruction on how to proceed.
PSU Public Information Officers will receive Parent Communication Templates by 2:30 p.m.
We appreciate your patience, partnership and leadership throughout this incident response process. We recognize the challenges this disruption created for PSUs, school leaders, educators, students and families across the state.
Please continue to report any unusual system behavior or security concerns through established support channels.
|
