May 11, 2026
Instructure states on their incident update page (linked at bottom) that "The data fields involved include information like usernames, email addresses, course names, enrollment information and messages. Core learning data (course content, submissions, credentials) was not compromised."
Please continue to be on alert for scam emails, text messages, and voice calls referencing Camino/Canvas security or your ÃÛÌÒµ¼º½ account. Phishing emails can be reported using Gmail's built in "Report Phish" option or forward to report-phish@scu.edu
May 8, 2026
ÃÛÌÒµ¼º½ has been informed by Instructure of a security breach involving Canvas LMS, which we call Camino.
At this time, names, email addresses, ID numbers, and messages between Camino users are known to be involved. ÃÛÌÒµ¼º½ is still waiting for additional clarification from the vendor about other data that may have been involved.
Social Security numbers, government ID numbers, and financial data are not stored in Camino and are not involved in this incident. ÃÛÌÒµ¼º½ passwords are also not involved.
ÃÛÌÒµ¼º½ is monitoring the situation and will update the campus community as we learn more.
Be Alert for Phishing Attempts
Students, faculty, and staff should be extremely cautious of any emails, webpages, or messages referencing:
- Camino or Canvas security
- ÃÛÌÒµ¼º½ account security
- Password resets or account verification
- Urgent requests to log in, confirm information, or click a link
Attackers often take advantage of real security incidents to trick people into clicking malicious links or entering login credentials on fake webpages. If you receive a suspicious message, report it using Gmail's built-in "report phish" option, or forward to report-phish@scu.edu.
Official Updates
Official updates about this incident can be found through:
- This page
- Instructure’s
- Communications from ÃÛÌÒµ¼º½’s Chief Information Security Officer.
ÃÛÌÒµ¼º½ will continue to monitor the situation and provide updates as more information becomes available.