Australian universities and TAFEs have joined global counterparts in scrambling to understand their potential exposure to a cyber incident involving a popular learning management system.
Multiple institutions including RMIT University, UTS, TasTAFE Tasmania and Western Sydney University revealed their potential exposure in disclosures over the past 24 hours.
Of these, TasTAFE provided the most detailed view of the incident, which it said impacted “data associated with some [Canvas] customer accounts”, including its own.
TasTAFE said that Canvas’ owner Instructure first notified of the cyber incident on May 2, but had yesterday provided further details, advising “that a criminal third party” was involved.
“This incident relates to Instructure’s systems and was not the result of a breach of TasTAFE’s own systems or processes,” TasTAFE wrote.
“Investigations commenced immediately and are ongoing. Based on current advice, the data involved may include some personal information, including content stored within Canvas such as messages.
“At this stage, Instructure has not provided TasTAFE with information identifying specific individuals affected.
“There is no indication that passwords, dates of birth, government identifiers, or financial information were involved.”
RMIT University wrote in a brief notice that it is “working with the vendor to confirm if RMIT data has been involved and understand any impacts as a result of this breach.”
A similarly-worded UTS missive stated that it is “working with the vendor, Instructure, to confirm whether UTS data has been compromised as part of this incident and to fully understand potential impacts if a breach has occurred.
“We are also working with relevant Australian authorities,” UTS wrote.
Western Sydney University similarly said it was working with the vendor to examine potential exposure.
All institutions said that Canvas was operating normally within their environments.
A well-known threat group has claimed responsibility for the attack.
.jpg&h=140&w=231&c=1&s=0)
_(39).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Data & AI Edition
.png&w=120&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
iTnews State of Security Breakfast
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
