Skip to navigation | Skip to main content | Skip to footer
Menu
Search the University of Manchester siteSearch Menu StaffNet

Canvas cyber incident – resolved

20 May 2026

Further to the announcements we made in early May regarding the cyber security incident involving the Canvas platform, Instructure have confirmed that the incident has been contained and that steps have been taken to prevent further unauthorised activity.

We have been advised that steps have been taken by the supplier to secure the data involved and prevent further misuse. Canvas continues to be available for use in the usual way, and there is no evidence of any ongoing threat to University systems.

While we now consider this resolved, it is a timely reminder to remain vigilant to cyber scams, particularly targeted phishing where messages are designed to appear legitimate.

What is spear phishing?

Spear phishing is a form of cyber-attack where emails or messages are carefully crafted and targeted at specific individuals or teams. Unlike general phishing, these messages often use real names, job roles, or current activities to make the request appear legitimate. The aim is typically to persuade you to share sensitive information, transfer funds, or take an action that compromises security.

Why is this a concern now?

Cyber criminals have been particularly active within the education community in recent months, as highlighted through the Canvas incident. Whilst this incident is now resolved, the potential remains for information (that can be gathered through many routes) to be used to make phishing attempts more convincing.

Stay vigilant:

  • Be cautious of unexpected or urgent requests, particularly those involving payments, passwords or sensitive data
  • Check the sender’s email address carefully, even if the name looks familiar
  • Verify unusual requests using a trusted method, such as a known phone number or separate email threadDo not click on links or open attachments unless you are confident they are genuine
  • Report suspicious emails immediately to phishing@manchester.ac.uk – this allows us to remove similar emails from other University mailboxes automatically.

For more information about phishing, the National Cyber Security Centre has produced guidance on what phishing is, how to spot it, and what to do if you think you've clicked a suspicious link: NCSC: Phishing attacks