About » News and Publications

Canvas Security Incident: Information for Families and School Districts

Font Size: + -
Share & Bookmark, Press Enter to show all options, press Tab go to next option
Print

This page was last modified at 3:45 pm on Friday, May 8, 2026. 

Background About the Canvas Security Breach

Canvas is a web-based learning management system, or LMS. It is used by educators and students to access and manage online learning materials and communicate about assignments and progress. Canvas’s parent company, Instructure, recently confirmed that it experienced a security breach involving unauthorized access to certain user information.

According to Instructure, the breach may include:

  • Names
  • Email addresses
  • Student ID numbers
  • Correspondence in the Canvas platform. 

Instructure has stated that there is no evidence that the breach includes:

  • Passwords 
  • Social Security numbers
  • Financial information
  • Government-issued identification numbers 

This incident is limited to the Canvas platform operated by Instructure and does not impact Northwest Regional ESD’s internal systems or network. 

How Northwest Regional ESD Is Responding

Instructure is still investigating the cybersecurity incident and its extent. We don’t yet know whether any data from Northwest Regional or our component school districts was accessed.

We understand that incidents like this are extremely concerning, especially when they involve student information. We will continue to monitor updates from Instructure, follow guidance from security and legal experts, and share additional information if further action is needed. 

Canvas was used in the following ways at NWRESD:

  • Some of our component school districts had contracts through the Cascade Technology Alliance through the 2024-25 school year
  • Our Outdoor School program used it with some high school student leaders to provide coursework
  • Our professional learning, social emotional learning schools and Early Intervention/Early Childhood Special Education programs used it during the pandemic to deliver curriculum to both adults and students

What Steps Can Parents Take to Protect Their Child’s Data

While the investigation is ongoing, we want our component school districts and the general public to be aware of the situation and take reasonable precautions:

  • Parents or guardians who used Canvas should consider changing their password. Instructions for changing your password.
  • Be cautious of unexpected emails, text messages, or phone calls asking for personal information.
  • Do not click suspicious links or attachments.
  • Remind your child to never share passwords or login information.