On May 1st, 2026, a third-party software provider, Instructure, announced a cybersecurity incident related to their Canvas learning management software, potentially affecting thousands of organizations worldwide.  This software is widely used within Higher Education, including here at Northern Arizona University (NAU), to support online learning. More details of this incident can be found on Instructure’s website.

NAU will continue to monitor this situation and update this webpage as new information becomes available. We anticipate that Instructure will contact impacted individuals directly with additional details where required by law.

Steps to safeguard your privacy

• Always enable two-factor authentication for any online service. This has proven to hinder bad actors who are trying to access your data.
• Use strong password practices, and leverage a password manager when possible.
• Be vigilant for phishing and other scams. NAU will never send emails asking for your password or login information. Beware of emails that ask for your personal, login, or financial information. Send any suspicious emails to phishing@nau.edu.
• If you believe you are the victim of identity theft, file a local police report and notify the Federal Trade Commission at www.identitytheft.gov.
• For specific questions or concerns, please contact DataSecurity@nau.edu.