Canvas cyber incident

UTS has been advised by Instructure, the vendor, that some of our Canvas users were likely impacted by the recent incident. They have confirmed the data fields in the UTS Canvas environment that were possibly compromised as:  

• first and last name
•  preferred name
• preferred pronoun
• preferred language
• email address used for Canvas login  
• any other email addresses in the user’s Canvas profile 
  chat (if this function was used)
  activity time and date stamps (e.g. time/date of chat or log in actions).

This does not necessarily mean your own data has been accessed. The Australian Government’s National Office of Cyber Security continues to engage with Instructure on behalf of Australian customers to identify the specific users whose data was compromised.  

Detailed updates and FAQs about the incident are available on the Instructure website. 

What you need to do

Remain alert for phishing or scam messages, particularly non-UTS emails or messages referring to Canvas access, password resets or referring to a data breach. Do not click on any links in suspicious messages.  

You can find tips for spotting phishing or scam emails on the Cybersecurity section of our website. 

Sunday 10 May

Access to Canvas has been fully restored for staff and students from 6pm Sunday 10 May.

Our reactivation of access to Canvas follows engagement with the Australian Government’s National Office of Cyber Security and assurance from Instructure, the vendor, that Canvas is operational and secure.  More information s available on their website https://www.instructure.com/incident_update

We have conducted our own extensive checks of the UTS Canvas environment.  No suspicious or abnormal activity has been identified, and there is no evidence of unauthorised access or any loss of UTS data.

Further guidance about accessing the system and student information will be available on our dedicated ⁠"Canvas system outage update" page.

Thank you to our students and staff for their patience and understanding as we address the disruption this outage has caused.

Friday 8 May 2026

This is an update on Wednesday’s advice regarding the global cyber incident impacting the Canvas learning management system. Canvas is operated by Instructure and is used by many education providers worldwide, including UTS.

We do not have any information at this stage that our data has been compromised.

As an interim precautionary measure, access to Canvas via UTS single sign‑on has been temporarily disabled while investigations continue.

What does this mean for students?

• Canvas access is unavailable at this time (including via the Canvas app on your phone).
• There may be delays experienced in assessment results being provided in Canvas.
• We will provide further updates as more information becomes available.

What do I need to do?

• Do not attempt to log in to Canvas.
• Be alert for phishing or scam emails or messages, particularly those claiming to be from UTS or Canvas and asking you to log in, reset passwords, or confirm a data breach.
• Official UTS emails are only sent from @uts.edu.au or @connect.uts.edu.au addresses.
• Report anything suspicious to IT Support via:
  • Phone: +61 2 9514 2222
  • ServiceConnect: serviceconnect.uts.edu.au 

We continue working with the vendor, Instructure, and relevant Australian authorities and are continuing to investigate this incident and any potential impacts to UTS.

Need help?

A holding message is currently in place with IT Support while we manage this issue. If you have urgent concerns, please contact IT Support using the details above.

Your data security and privacy are important to us. We will continue to work closely with Instructure and relevant authorities and will keep you updated via official UTS channels.

Support available

Students

If you need support, UTS Counselling Service offers free, confidential support for students. You can phone 02 9514 1177 or email student.services@uts.edu.au to make an appointment. Please let receptionists know if you are requesting an urgent appointment.

Staff

Staff can connect with our confidential employee assistance program, TELUS Health (1300 361 008) and Yamurrah for Aboriginal and Torres Strait Islander colleagues. The service can also be used by immediate family members and is available 24 hours a day, 7 days a week.

Wednesday 6 May 2026

UTS has been notified of a cyber incident impacting the Canvas learning management system globally.

Canvas is used by many universities across the world, including UTS. 

We are working with the vendor, Instructure, to confirm whether UTS data has been compromised as part of this incident and to fully understand potential impacts if a breach has occurred. We are also working with relevant Australian authorities.

Canvas is currently operating as normal. We’ll be in touch if there are any identified impacts to users. Updates will also be provided on our website.

What should you do?

• Continue using Canvas as usual.
• Report anything suspicious to IT Support  via +61 2 9514 2222 or ServiceConnect
• Watch for phishing emails and message: scammers may send you emails pretending to be from UTS or Canvas, asking you to sign in, reset a password, or advising you that your data has been breached. Emails from UTS are sent from the official @connect.uts.edu.au or @uts.edu.au email addresses only.
• Always access Canvas using official links at canvas.uts.edu.au or via login.uts.edu.au.