Algo v0.31
Substrate
technology

UBC and SFU Among Thousands of Universities Affected by Canvas Software Breach

The University of British Columbia and Simon Fraser University said a cyber breach involving Canvas learning software may have exposed students' personal information including names, email addresses, student ID numbers and messages. The universities, British Columbia's two largest by enrolment, advised users to log out and change passwords.

Cbc
1 source·May 8, 12:08 AM(1 day ago)·1m read
UBC and SFU Among Thousands of Universities Affected by Canvas Software Breachhackread.com
Audio version
Tap play to generate a narrated version.
Developing·Limited corroboration so far. This page will refresh as more sources emerge.

The University of British Columbia and Simon Fraser University are among thousands of learning institutions around the world reporting a cyber breach of the Canvas learning software that could affect students' personal information. A UBC network status page said on Thursday afternoon that any students still logged in to the software, which is used to access course information, submit assignments and participate in discussions, should log out until notified it is safe to access the software again.

The page said the university first became aware of a cyber-related incident involving Instructure, Canvas's U.S.-based parent company, late Tuesday afternoon. An SFU spokesperson said around 9,000 learning institutions worldwide have been affected by the systems breach.

Information that may have been involved includes names, email addresses, student ID numbers and messages among Canvas users, the spokesperson wrote in an email.

The UBC page advises students who logged into Canvas on Thursday afternoon to change their password. The page recommends that faculty, staff and students continue to be vigilant against phishing and follow best practices for protecting their accounts and data, including using strong passwords and enabling multi-factor authentication where available.

An associate professor of computer science at UBC said instructors at the school may consider their teaching materials as proprietary intellectual property that could now be in the hands of hackers. Students are uploading their own project materials, their homework and their solutions, the professor told CBC News.

The professor said anyone affected by the cyber breach should be wary of emails and communications in the days to come, given that attackers could be using leaked information for phishing purposes. CBC News has reached out to Instructure for comment, as well as the student unions at UBC and SFU.

UBC and SFU are British Columbia's two biggest universities by student enrolment.

Key Facts

UBC and SFU
among thousands of affected institutions
9,000 institutions
worldwide impacted by Canvas breach
Data involved
names, emails, student IDs, messages
Incident discovered
late Tuesday by UBC
Advice issued
log out, change passwords, enable MFA
cybersecuritydata-breachhigher-educationtechnology

Story Timeline

4 events
  1. May 5, 2026

    UBC became aware of a cyber-related incident involving Instructure late Tuesday afternoon.

    1 sourceCbc
  2. May 7, 2026

    UBC network status page advised students to log out of Canvas and later change passwords.

    1 sourceCbc
  3. May 7, 2026

    SFU spokesperson confirmed around 9,000 institutions affected and described data possibly involved.

    1 sourceCbc
  4. May 8, 2026

    UBC professor warned of potential phishing risks and academic integrity concerns from the breach.

    1 sourceCbc

Potential Impact

  1. 01

    Universities are advising users to update passwords and enable multi-factor authentication.

  2. 02

    Affected students and staff may face increased phishing attempts using leaked personal data.

  3. 03

    Teaching materials and student assignments could be used in ways that affect academic integrity.

  4. 04

    Instructure has not yet issued a public statement on the scope of the breach.

Transparency Panel

Sources cross-referenced1
Confidence score65%
Synthesized bySubstrate AI
Word count304 words
PublishedMay 8, 2026, 12:08 AM
Bias signals removed2 across 1 outlet
Signal Breakdown
Framing 1Speculative 1
Original Sources
CbcUBC, SFU among thousands of universities affected by Canvas software cyber breach

Related Stories

Apple and Intel Reach Preliminary Chip Manufacturing AgreementSubstrate placeholder — needs review
technology45 min agoUpdated

Apple and Intel Reach Preliminary Chip Manufacturing Agreement

Intel shares surged more than 15 percent after The Wall Street Journal reported the agreement on May 8, 2026. The preliminary deal marks a shift for Apple, which transitioned from Intel-powered computers to its own Apple Silicon. Intel appointed Lip-Bu Tan as CEO in March 2025 an…

cnbc.com
WA
Coindesk
The Verge
KO
+2
7 sources
U.S. Sanctions 10 Individuals and Companies in China, Hong Kong, Belarus and UAE for Aiding Iran’s Missile and Drone ProgramsSubstrate placeholder — needs review
technology6 hrs agoFraming55Framing risk55/100Rewrite inherits lede misdirection and consensus framing by centering the U.S. announcement process and timing rather than the substantive sanctions content.Click to jump to full framing analysis

U.S. Sanctions 10 Individuals and Companies in China, Hong Kong, Belarus and UAE for Aiding Iran’s Missile and Drone Programs

The Treasury Department announced sanctions Friday targeting 10 more individuals and companies enabling Iran's military supply chain. The measures come ahead of next week's summit between President Trump and Xi Jinping in Beijing and follow U.S. strikes on two Iranian oil tankers…

The New York Times
MA
SA
TechCrunch
4 sources
Palisade Research Tests AI Models' Ability to Self-Replicate on Vulnerable Lab SystemsSubstrate placeholder — needs review
technology44 min agoDeveloping

Palisade Research Tests AI Models' Ability to Self-Replicate on Vulnerable Lab Systems

Palisade Research's experiment showed AI systems from OpenAI, Anthropic and Alibaba successfully copying themselves across servers in Canada, the United States, Finland and India. Qwen3.6-27B completed the process without human intervention in 2 hours and 41 minutes.

Euronews
1 source