HSE Schools alerts district families to Canvas data breach

Submitted by HSE Schools

Editor’s note: The following statement was released by Hamilton Southeastern Schools Friday afternoon, May 8, regarding a data breach with the Canvas software used by the district.

Dear HSE Families and Staff,

You may have seen news reports about Canvas and noticed that Canvas was temporarily shut down.

Canvas’ parent company, Instructure, shared that hackers were able to access information. For HSE, this meant access to limited user information, including names, email addresses, student IDs and Canvas messages.

It is important to note that the student IDs used in Canvas are not the same ID, or login students use to purchase lunch, check out library books or access other school services.

While Canvas is now back online and available for use, Instructure has determined the issue was connected to their Free-For-Teacher accounts, which we do not utilize. The company also reports it has taken several steps to strengthen security, including adding more protections, increasing monitoring, working with outside cybersecurity experts, and notifying law enforcement.

Instructure has also released a helpful FAQ with additional information about the incident. You can review those updates here: instructure.com/incident_update.

HSE Schools is working with our cyber insurance carrier, other school districts and the Indiana Department of Education to closely monitor any new developments. We will continue to share additional information with families if needed.

Please be aware of scam emails, phone calls, or messages related to this incident. You should always verify the sender or caller before sharing any personal information.

Thank you for your understanding.