Nationwide cyberattack takes Cal Poly grading system offline. What to know
Canvas, the course management system used by thousands of colleges and universities across the nation, was down at all California State University campuses on Thursday after a large-scale cyberattack targeted university data.
According to a memo sent by Cal Poly’s IT team Thursday night, Canvas was shut down at all CSU campuses after the hackers “escalated their attack on Instructure,” the parent company of Canvas. It was still down as of Friday afternoon.
“Canvas access will not be restored until we are fully confident the system is secure,” the memo said.
Canvas is typically used by students and faculty to submit and grade assignments, see course materials and manage other forms of learning content.
The expected length of the outage was not known by Cal Poly administrators as of Thursday night, but the IT team reassured students it was working with the CSU to investigate the attack.
“Because we do not know the length of the outage, the campus is planning alternative ways in which faculty and students can complete their courses and assignments for the remainder of the quarter,” the memo said.
According to the AP, a hacking group called ShinyHunters was reportedly responsible for the attack.
What should students, staff do in the meantime?
With the website down, Cal Poly encouraged students and faculty to find alternative methods to manage their courses, including communicating with students via email and using other tools like Microsoft Teams and OneDrive to submit assignments. For grading and record-keeping, the team recommended using spreadsheets.
The university’s website on the outage also said faculty could delay tests until after Canvas access was restored.
Students were encouraged to continue going to class through the outage.
“Cal Poly students are encouraged to attend their classes as scheduled to stay engaged with their professors,” the website said. “Students are encouraged to contact their faculty by email with any questions they may have.”
The AP identified the group responsible for the attack as ShinyHunters, which also has ties to other cyberattacks.
Vigilance needed for continued threats, IT team says
IT staff reminded the Cal Poly community that attackers often try to take advantage of large-scale hacking incidents.
“We encourage all community members to remain vigilant and immediately report any suspicious communications, which could include messages that appear to come from within your campus community,” the memo said.
Students and staff were encouraged to report any suspicious activity to abuse@calpoly.edu.
The team reminded students that the CSU will not request payment to access Canvas materials — and encouraged them to log out and report such activity if it occurs.
The university said protecting the privacy of students and staff continued to be a top priority.
“We understand this is causing a major disruption at a time when our faculty, staff and students are preparing for the end of the academic term and commencement ceremonies,” the memo said. “We sincerely appreciate your patience and unwavering commitment to serving our students.”
.JPG)