New Hanover County Schools shares update on Canvas cybersecurity breach

NEW HANOVER COUNTY, N.C. (WWAY) — New Hanover County Schools is providing a new update on the nationwide cybersecurity incident involving Canvas, the learning management system used by school districts, colleges and universities across the country.

According to the district, users nationwide recently saw a message from the threat actor connected to the breach involving Instructure, the parent company of Canvas. The message appeared for users associated with the North Carolina Department of Public Instruction, North Carolina Virtual Public School and some public school systems across the country.

As a precaution, the North Carolina Department of Public Instruction and cybersecurity officials have removed access to Canvas through NCEdCloud for students and staff statewide while the investigation continues and additional safeguards are put in place.

District officials said information identified as compromised includes names, student ID numbers, messages between users and email addresses. However, the district says there is currently no indication that passwords, dates of birth, government-issued identifiers, financial information or Social Security numbers were involved in the breach.

New Hanover County Schools said it is continuing to work with Instructure, NCDPI and state partners to monitor the situation, advocate for updates and identify solutions to support students and staff during the disruption.

The district acknowledged many students and teachers rely on Canvas daily, especially during this time of year, and said additional updates will be shared as more confirmed information becomes available.