Data breach at Canvas developer also affects RNTC

Instructure has reported that there was unauthorized access to part of its systems. Based on their investigation, the following data has been compromised:

• Names of students and staff
• Email addresses
• Messages between users

There is no evidence that passwords, dates of birth, government identifiers, or financial information were involved. Additionally, RNTC's Canvas environment is not connected to any financial or payment systems and is not integrated with any third-party platforms, so no such data was at risk on our end.

Instructure has since reached an agreement with the unauthorized actor involved in this incident. According to Instructure's CEO Steve Daly, the data was returned, all copies were deleted, and assurances were received that it will not be further shared on the dark web or elsewhere. Instructure has also been informed that no customers will be extorted as a result of this incident.

While Instructure themselves note that there is never complete certainty when dealing with cyber criminals, this is a significant development and we wanted to share it with you promptly.

In our assessment, the most likely risks from this breach are phishing emails and the use of real names and email addresses to impersonate individuals. We therefore ask you to be extra vigilant about suspicious messages such as unexpected emails, emails requesting personal information, or emails referencing this incident. If in doubt about any message you receive, do not click any links or open attachments. You can read more about how to recognize phishing on the EFF website.

As soon as we confirmed that RNTC was among the affected organizations, we reported the data breach to the Autoriteit Persoonsgegevens (the Dutch Data Protection Authority) within the legally required 72-hour window.

Canvas is fully back online and available for use. Instructure has confirmed that their forensic partners found no evidence that the unauthorized party currently has access to the platform.

We are closely monitoring the situation and will continue to provide updates as soon as more information becomes available. Instructure is keeping their incident update page as the central source for confirmed updates and FAQs.

If you have received a suspicious or unexpected message, or have any questions about this incident, please contact us at: info@rntc.com