Chalmers University Investigates Data Breach in Canvas Learning Platform
Chalmers University of Technology has confirmed a data breach affecting its widely used Canvas learning management system (LMS), which serves thousands of students and staff. The incident, linked to a recent breach of the cloud-based platform, exposed personal data, including names, email addresses, and the contents of private messages.
While the university reports no evidence of compromised passwords, it has advised users to exercise caution in personal communications as a precaution. Canvas, a global platform used by numerous educational institutions, remains operational at Chalmers, though the university has activated its incident response protocols. This includes notifying affected individuals and reporting the breach to relevant authorities.
Chalmers is closely monitoring the situation in coordination with the platform’s supplier and has pledged to provide updates as more information becomes available. The breach underscores the ongoing risks to educational institutions relying on third-party digital infrastructure.
Source: https://www.chalmers.se/en/current/news/personal-data-has-been-leaked-from-canvas/
Chalmers University of Technology TPRM report: https://www.rankiteo.com/company/chalmers-university-of-technology
Canvas TPRM report: https://www.rankiteo.com/company/canvascloud
"id": "chacan1777927648",
"linkid": "chalmers-university-of-technology, canvascloud",
"type": "Breach",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Students and staff',
'industry': 'Education',
'name': 'Chalmers University of Technology',
'size': 'Thousands of students and staff',
'type': 'Educational Institution'}],
'customer_advisories': 'Advised users to exercise caution in personal '
'communications',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'Personal data',
'type_of_data_compromised': ['Names',
'Email addresses',
'Private messages']},
'description': 'Chalmers University of Technology has confirmed a data breach '
'affecting its widely used Canvas learning management system '
'(LMS), which serves thousands of students and staff. The '
'incident, linked to a recent breach of the cloud-based '
'platform, exposed personal data, including names, email '
'addresses, and the contents of private messages. While the '
'university reports no evidence of compromised passwords, it '
'has advised users to exercise caution in personal '
'communications as a precaution.',
'impact': {'data_compromised': 'Personal data, including names, email '
'addresses, and private messages',
'systems_affected': 'Canvas learning management system (LMS)'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Cyber Incident Description'}],
'regulatory_compliance': {'regulatory_notifications': 'Yes'},
'response': {'communication_strategy': 'Notifying affected individuals and '
'reporting the breach to relevant '
'authorities',
'enhanced_monitoring': 'Yes',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Coordination with the platform’s '
'supplier'},
'title': 'Chalmers University Data Breach in Canvas Learning Platform',
'type': 'Data Breach'}