Tampa Bay Schools and SPC Hit by Canvas LMS Data Breach
In early May, cyberattackers compromised student and staff accounts within the Canvas learning management system (LMS), affecting Hillsborough and Pinellas county schools as well as St. Petersburg College (SPC). Officials confirmed that the breach exposed only basic user details, though they urged affected individuals to remain cautious.
The incident was first reported by the Tampa Bay Times, which noted that the attack targeted the widely used educational platform. While the full extent of the breach remains unclear, no evidence suggests that sensitive data such as Social Security numbers or financial information was accessed. The affected districts and SPC are continuing to assess the impact and response.
The breach highlights ongoing cybersecurity risks in educational institutions, where digital platforms like Canvas serve as critical infrastructure for remote and in-person learning. No further details on the attackers’ motives or methods have been disclosed.
Source: https://www.tampabay.com/news/2026/05/07/school-cyberattack-student-data-leak-florida/
St. Petersburg College cybersecurity rating report: https://www.rankiteo.com/company/st--petersburg-college
Pinellas County Schools cybersecurity rating report: https://www.rankiteo.com/company/pinellascountyschools
Hillsborough County Public Schools cybersecurity rating report: https://www.rankiteo.com/company/hillsborough-county-public-schools
"id": "ST-PINHIL1778179224",
"linkid": "st--petersburg-college, pinellascountyschools, hillsborough-county-public-schools",
"type": "Breach",
"date": "5/2026",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Students and staff',
'industry': 'Education',
'location': 'Florida, USA',
'name': 'Hillsborough County Schools',
'type': 'Educational Institution'},
{'customers_affected': 'Students and staff',
'industry': 'Education',
'location': 'Florida, USA',
'name': 'Pinellas County Schools',
'type': 'Educational Institution'},
{'customers_affected': 'Students and staff',
'industry': 'Education',
'location': 'Florida, USA',
'name': 'St. Petersburg College (SPC)',
'type': 'Educational Institution'}],
'customer_advisories': 'Officials urged affected individuals to remain '
'cautious',
'data_breach': {'personally_identifiable_information': 'Basic user details',
'sensitivity_of_data': 'Low (no SSNs or financial '
'information)',
'type_of_data_compromised': 'Basic user details'},
'date_detected': '2024-05',
'description': 'In early May, cyberattackers compromised student and staff '
'accounts within the Canvas learning management system (LMS), '
'affecting Hillsborough and Pinellas county schools as well as '
'St. Petersburg College (SPC). The breach exposed basic user '
'details, and officials urged affected individuals to remain '
'cautious.',
'impact': {'data_compromised': 'Basic user details',
'systems_affected': 'Canvas LMS'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Tampa Bay Times'}],
'response': {'communication_strategy': 'Officials urged affected individuals '
'to remain cautious'},
'title': 'Tampa Bay Schools and SPC Hit by Canvas LMS Data Breach',
'type': 'Data Breach'}