Update - Our investigation is ongoing. We have not identified evidence of unauthorized access to Unizin systems or member data within the UDP. We expect to begin resuming data ingestion for both the Batch ETL and event pipelines Thursday morning, May 14th.
Our security review has found no flagged or anomalous activity indicating that a threat actor has accessed Unizin systems or member data stored within the UDP. We will continue to actively monitor.
Unizin has received and reviewed initial findings from Instructure. Based on that review, we found no direct impact to Unizin infrastructure or member data within the UDP. We will continue to review new information from Instructure as it is made available and will share any information that show potential impact to Unizin infrastructure or member data within the UDP.
Our engineering team has confirmed that our Canvas data intake systems are not vulnerable to injection attacks from malicious upstream data.
We are in the process of auditing Caliper events received by members using Canvas since the suspension of event writing to the UDP on May 7th. Currently we have retained over 112 million events that we will begin writing as part of resuming data ingestion on May 14th.
We are also in the process of validating the output data from the Canvas Data APIs for all members.
Unizin is encouraging all members to rotate any Canvas Data credentials they have supplied to Unizin and will also support any member that needs or wants to rotate their Unizin-supplied service account keys or legacy context_store credentials for their UDPs. Note that rotating these can cause disruptions to systems that depend on these credentials during the process. Please contact support@unizin.org to initiate any of these.
We will be delivering canvas_logs data for May 8, 2026 for all Canvas members to the buckets dedicated for this incident as soon as it is available. To access this bucket please contact support@unizin.org.
We plan to begin re-enabling data ingestion Thursday morning, May 14th. Wednesday, May 13th has been reserved to allow members to raise concerns or opt out following tomorrow's town hall. Downstream pipelines dependent on CD2 or Caliper events will remain paused until ingestion is re-enabled for your institution. If you wish to opt out of this re-enablement please contact support@unizin.org.
May 11, 2026 - 22:34 UTC
Our security review has found no flagged or anomalous activity indicating that a threat actor has accessed Unizin systems or member data stored within the UDP. We will continue to actively monitor.
Unizin has received and reviewed initial findings from Instructure. Based on that review, we found no direct impact to Unizin infrastructure or member data within the UDP. We will continue to review new information from Instructure as it is made available and will share any information that show potential impact to Unizin infrastructure or member data within the UDP.
Our engineering team has confirmed that our Canvas data intake systems are not vulnerable to injection attacks from malicious upstream data.
We are in the process of auditing Caliper events received by members using Canvas since the suspension of event writing to the UDP on May 7th. Currently we have retained over 112 million events that we will begin writing as part of resuming data ingestion on May 14th.
We are also in the process of validating the output data from the Canvas Data APIs for all members.
Unizin is encouraging all members to rotate any Canvas Data credentials they have supplied to Unizin and will also support any member that needs or wants to rotate their Unizin-supplied service account keys or legacy context_store credentials for their UDPs. Note that rotating these can cause disruptions to systems that depend on these credentials during the process. Please contact support@unizin.org to initiate any of these.
We will be delivering canvas_logs data for May 8, 2026 for all Canvas members to the buckets dedicated for this incident as soon as it is available. To access this bucket please contact support@unizin.org.
We plan to begin re-enabling data ingestion Thursday morning, May 14th. Wednesday, May 13th has been reserved to allow members to raise concerns or opt out following tomorrow's town hall. Downstream pipelines dependent on CD2 or Caliper events will remain paused until ingestion is re-enabled for your institution. If you wish to opt out of this re-enablement please contact support@unizin.org.
May 11, 2026 - 22:34 UTC
Monitoring - We are aware of and actively responding to a security breach affecting Instructure Canvas. Our team began taking protective action immediately upon learning of the incident.
Actions taken:
- All Canvas Data 2 (CD2) data extract jobs have been disabled
- Processing and writing of caliper events to all member UDP data stores has been suspended
Current impact: Downstream data pipelines dependent on CD2 or caliper event writes will not receive new data until further notice.
Next steps: We are monitoring Instructure's incident response and working with our contacts at various member institutions to assist where possible. Once the incident has passed we will restore services in a controlled manner once we can confirm the integrity of the CD2 and event data.
Further updates will be posted here as the situation develops.
May 07, 2026 - 21:42 UTC
Actions taken:
- All Canvas Data 2 (CD2) data extract jobs have been disabled
- Processing and writing of caliper events to all member UDP data stores has been suspended
Current impact: Downstream data pipelines dependent on CD2 or caliper event writes will not receive new data until further notice.
Next steps: We are monitoring Instructure's incident response and working with our contacts at various member institutions to assist where possible. Once the incident has passed we will restore services in a controlled manner once we can confirm the integrity of the CD2 and event data.
Further updates will be posted here as the situation develops.
May 07, 2026 - 21:42 UTC
Engage
Operational
Order Tool
Operational
UDP - Caliper Ingestion
Under Maintenance
UDP - Batch ETL
Under Maintenance
UDP - Marts
Under Maintenance
Search
Operational
IDP
Operational
MyLA
Operational
Unizin.org
Operational
Unizin Resources and Docs Site
Operational
RedShelf eReader
Operational
Google Cloud Platform
Operational
Google Cloud Platform Google BigQuery
Operational
Google Cloud Platform Google Cloud SQL
Operational
Google Cloud Platform Google Cloud DNS
Operational
Amazon Web Services
Operational
AWS ec2-us-east-1
Operational
AWS redshift-us-east-1
Operational
AWS rds-us-east-1
Operational
AWS s3-us-standard
Operational
Operational
Degraded Performance
Partial Outage
Major Outage
Maintenance
Major outage
Partial outage
No downtime recorded on this day.
No data exists for this day.
had a major outage.
had a partial outage.