San Diego campuses impacted by cyberattack on Canvas learning management system

Universities and K-12 schools across the United States have been impacted by a massive data breach. A group called “ShinyHunters” targeted a platform called Canvas, which is a common learning management system used by teachers and students. Students who tried to log on to the platform on Thursday saw the image below on their screen. A Canvas user shared this image with NBC 7 on May 7, 2026. Thus far in San Diego it’s affected San Diego State University, University of San Diego, Point Loma Nazarene University, the San Diego Community College District and San Diego Unified School District. Canvas is a platform schools and universities use for assignments and communication. “Currently our Canvas management system is completely down,” Chancellor Greg Smith with the San Diego Community College District said. SDCCD, USD, and SDSU joined a long list of colleges and schools impacted worldwide by the cyberattack on Canvas. Local San Diego Unified uses the platform in middle and high schools to manage assignments and grades. In a letter sent to families, the district said they’re evaluating how the shutdown is impacting their schools. Smith said having the network down has caused significant frustration among students and staff. “Most of our online programs or online courses use Canvas as a primary way of communicating, completing assignments, accessing course materials,” Smith said. According to Adjunct Professor of Cybersecurity for the University of San Diego, Nikolas Behar, the cyberattack started a week ago with suspicious activity in Canvas API. A few days later, the threat actor claimed on a dark website that the deadline had passed and leaked a sample of the data they had stolen to prove that it was real. “The attackers were actually able to steal 3.5 terabytes of data and that included names e-mails, student IDs, and private chats, or Canvas inbox between students and professors,” Behar said. The hacking group that claimed responsibility for the data breach shared a ransom letter on May 3 by Ransomware.live saying it had accessed data from more than 275 million people across 9,000 schools. “No passwords were leaked, no financial information, a lot of schools will use their own identity system aside from Canvas to allow students to log in,” Behar said. Although Behar said confidential data was not compromised, they are seeing phishing attacks go out to faculty and staff. A viewer shared a screenshot of one of those messages with NBC 7. “We have the attackers using the information that they’ve gathered and they’re sending out e-mails to affected individuals and they’re saying, we have your browser history, we have confidential data on what you’ve been doing on your system, and if you don’t pay us $2,000 in 48 hours, we’re going to leak that data so it’s really important for viewers to know that that’s a scam and that’s not something that you want to click on,” Behar said. Behar said it’s important to not click on any links and contact university or school district officials immediately if you do receive a phishing e-mail. Meanwhile, Smith said they’re using other methods to communicate with their students while the Canvas system is down. As of Thursday night, Canvas was available for most users, according to its website.