The Los Rios Community College District’s IT Service Department alerted students and faculty of a systemwide Canvas data breach on May 7, that’s currently experiencing outages and is unable to be accessed. 

After the Los Rios Community College District’s IT Service Department alerted students and faculty of a systemwide Canvas data breach on May 7, the district sent out a follow-up on the outage.

 “The vendor initially reported that the leak did not contain any passwords, social security numbers or any other confidential information,” the message read. “There is also no evidence to believe that Los Rios students’ or employees’ information has been breached but they are taking precautions. The Los Rios IT has disconnected data connections between Canvas and Los Rios systems as well.”

“We understand the disruption that this outage is causing, and that the time is particularly disruptive heading into finals and the end of the semester,” the email said.“At this point, we do not know when this issue will be resolved, or if it will be resolved by the end of the semester.” 

Users are currently unable to access Canvas.

A cybercrime group by the name “ShinyHunters” reportedly hacked Canvas, demanding a ransom in exchange for preventing over 3.65TB of stolen student data from leaking. Nearly 9,000 schools, universities and institutions and 275 million people have been affected worldwide, according to the Instructure status website. 

Canvas is the learning management platform used by LRCCD students and other students nationwide.

In a warning message displayed on Canvas, the group left a ransom deadline set for May 12. If the ransom is not paid by Instructure, the company behind Canvas, at least 47 million students could have their information leaked, according to reports. 

“Instead of contacting us to resolve it they ignored us and did some ‘security patches,’” ShinyHunters wrote in its message. “If any of the schools are interested in preventing the release of their data, please consult with a cyber advisory firm and contact us privately at TOX to negotiate a settlement.” 

The message also contained a link to a list of all the schools in danger of having data leaked if the ransom is not met, including Harvard University, Stanford University, the Massachusetts Institute of Technology, Oxford University, Cambridge University, and other universities and colleges cited by “APlasticPlant,” an archival but reputable Instagram account. Sacramento State is also on the list, according to The State Hornet; however, it is unknown if American River College is on that list as well. 

The Los Rios District is aware of the issue and is currently “investigating and communicating with state and vendor contacts,” according to Gabe Ross, the chief and communications officer for LRCCD. 

Ross wrote in an email, stressing “students NOT to click on any links in error messages and to look for more communication from the college or district on next steps.” 

Students are not to log in or input any personal information on Canvas. 

If you’ve logged onto Canvas after 12:45 p.m. it is highly encouraged to change your password on the Los Rios Password Management site immediately. It is also crucial to keep in touch with your instructors. 

This is a developing story. This story was updated at 7:24 p.m on May 7. The Current will continue to post updates as more information becomes available.