Canvas cybersecurity incident

Canvas, Wake Forest’s cloud-based learning management system, recently experienced a cybersecurity incident. Instructure, the company that operates Canvas, has informed school systems and higher education institutions across the country, including Wake Forest, that it has identified unauthorized access to a limited set of user data associated with its platform. Further, Canvas indicated that the issue has been corrected and that the software remains available for use by faculty, staff and students.

Based on the currently available information from Instructure, the types of data potentially involved may include names, email addresses, and course-related information, such as enrollment. There is no indication that sensitive data, such as Social Security numbers, financial information, or account passwords, was exposed.

The University is awaiting additional information from Instructure on how this incident may affect members of our campus community. 

Recommended actions

• Be alert for phishing emails or suspicious email messages referencing Canvas or course activity.
• Avoid clicking on unknown links or sharing personal information via email or online.
• Monitor your online presence and report any suspicious activity to .

Wake Forest is committed to sharing timely updates as more information becomes available. 

Additional updates

For status updates from Instructure regarding the cybersecurity incident, visit here.

This message was sent to campus by University Marketing and Communications on May 7, 2026.