Cyber Incident Victim: Wayzata Public Schools
Date:
May 2026
Location:
United States of America
Summary
Wayzata Public Schools was notified by Instructure that a vendor-side data breach affecting the Canvas learning platform had exposed certain user information. The breach involved names, email addresses, student ID numbers and internal Canvas messages but no passwords, financial data or government identifiers according to Instructure. The district stated its internal networks were not compromised and that it activated its incident response team while coordinating with Instructure to review security protocols. The exact number of affected individuals within the district remains unknown as the investigation continues.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 1, 2026, Instructure notified Wayzata Public Schools that hackers had accessed certain systems within the Canvas learning management platform. The breach was confirmed by Instructure, the parent company of Canvas. Hackers claimed to have accessed information on approximately 275 million users and more than 9,000 schools. Wayzata Public Schools stated that its internal networks and systems were not breached or compromised, describing the incident as vendor‑side. The data potentially exposed included student and staff names, email addresses, student ID numbers, and internal messages sent within Canvas. Instructure officials confirmed that there is no evidence that passwords, dates of birth, government identifiers, or financial information were accessed. Instructure said the incident has been contained and reported that it revoked privileged credentials, deployed security patches, rotated certain keys, and increased monitoring across all platforms.
Wayzata Public Schools activated its Incident Response Team following the notification. The district said it is maintaining close contact with Instructure and has begun reviewing its own security protocols. Officials emphasized that the privacy and security of student data remains the district’s highest priority. Instructure has committed to notifying any impacted institutions if additional information about the breach emerges. The investigation into the breach is active and ongoing. It is not yet clear exactly how many Wayzata students or staff members had their information accessed, nor whether any Minnesota‑specific data was targeted.
Hackers have claimed access to data on 275 million users and over 9,000 schools, according to information shared by Instructure and communicated by the school district. The details of the incident were provided to the public by Wayzata Public Schools and Instructure.