Dear MVLA Community,

MVLA is aware of a security incident affecting Canvas, the district’s learning management system. We are monitoring updates from Instructure, the company that owns Canvas, and checking for any impact on our services. This is a nationwide issue affecting thousands of institutions.

Right now, MVLA has not been informed of any direct impact; Canvas is still available and working for faculty, staff, and students. You can find updates from Instructure on their status page (https://status.instructure.com/). MVLA will continue to monitor the situation and share new information as it comes in.

Instructure reported that outside threat actors accessed some information from their systems, but they no longer have access. The information that may have been involved includes names, student email addresses, student ID numbers, and messages exchanged in Canvas courses. MVLA’s Canvas instance does not store dates of birth, government identifiers, or financial information.

We want to reassure our community that high-sensitivity personal records were not part of this incident. As a matter of standard district practice and data minimization, we do not store sensitive personal identifiers within the Canvas platform. Additionally, because the district utilizes Single Sign-On (SSO) for Canvas access, user passwords are not stored on the platform and were not involved in this event.

Thank you,
The MVLA Leadership Team