Cyber Incident Victim: Wayne State University
Date:
May 2026
Location:
United States of America
Summary
A cyberattack on the Canvas learning management system caused a global outage that affected approximately 90,000 schools and 275 million students worldwide, including Wayne State University. The disruption occurred while instructors were finalizing grades, and the university noted that its finals had already been completed, limiting potential impact. Attackers reportedly sought to steal limited personal information to extort payment for data deletion and to encrypt operations, demanding a ransom for decryption keys. After remediation efforts, students and faculty regained access to Canvas and resumed normal academic activities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On Thursday afternoon, Canvas reported a global outage around 4 p.m., causing the platform to go dark for approximately 90,000 schools worldwide. The disruption affected an estimated 275 million students, including those enrolled at Wayne State University. Canvas is used by institutions to manage courses, grade assignments, and facilitate communication between professors and students. The outage was reported by FOX 2, which noted that experts began working through the night to restore service.
Professor Rhongho Jang of Wayne State University described being shocked when his teaching assistant informed him of the attack while he was finalizing grades after final exams, and his immediate concern was how to complete the grading process. He noted that Wayne State had already finished its finals before the data breach occurred, which limited the potential impact on academic operations. FOX 2 reported that the breach involved the exposure of limited personal information, though no further specifics were provided. Cybersecurity expert Colin Battersby explained that attackers typically pursue a two‑pronged strategy: stealing data to pressure organizations into paying for its non‑release and encrypting data to demand payment for a decryption key.
Throughout the night, cybersecurity experts worked to restore Canvas functionality, and by earlier today the platform was back online for affected institutions. Students and faculty at Wayne State University regained access to their courses, grades, and communication tools, allowing them to resume normal academic activities. The restoration ended the disruption that had prevented access to course materials and grade submission systems. No additional details about the duration of the outage beyond the restoration timeframe were disclosed in the source.