Education Research Current About VU Amsterdam NL
Login as
Prospective student Student Employee
Bachelor Master VU for Professionals
Exchange programme VU Amsterdam Summer School Honours programme VU-NT2 Semester in Amsterdam
PhD at VU Amsterdam Research highlights Prizes and distinctions
Research institutes Our scientists Research Impact Support Portal Creating impact
News Events calendar Healthy living at VU Amsterdam
Israël and Palestinian regions Culture on campus
Practical matters Mission and core values Entrepreneurship on VU Campus
Governance Partnerships Alumni University Library Working at VU Amsterdam
Sorry! De informatie die je zoekt, is enkel beschikbaar in het Engels.
This programme is saved in My Study Choice.
Something went wrong with processing the request.
Something went wrong with processing the request.

Update page cyber incident on educational software Canvas

Share
7 May 2026
The supplier of Canvas Instructure has informed the Vrije Universiteit Amsterdam that there has been a security incident with educational software Canvas.

This is a large-scale hack by the hacker collective Shinyhunters where student and faculty data was leaked. We have not yet received confirmation from Instructure as to whether or which VU data would be affected.VU is closely monitoring developments, and as soon as new information becomes available, we will update this post.

View frequently asked questions about the Canvas cyber incident here. As soon as new information is available, we will update this post and the FAQ.

Update May 7, 2026 - 23:50
Hacker group ShinyHunters has posted a message in the Canvas environment that they have regained or continue to gain access. They are threatening to make the stolen data public. As a precaution, VU has disconnected all systems connected to Canvas. If you go to the Canvas website you will be redirected to this update page.

This will potentially affect teaching and attendance on May 8. VU has filed a preliminary notification with the Personal Data Authority.

Update May 6, 2026
Instructure has reported that there has been unauthorized access to part of their systems. Intruders have captured student and staff data. This may include student and employee names, email addresses, student IDs and messages between users. According to Instructure, no passwords have been leaked.

Measures
Instructure has taken additional security measures. As a precautionary measure, VU has disconnected all systems connected to Canvas. VU is also monitoring whether any student or employee data is offered on the Internet. The VU has provisionally reported to the Personal Data Authority and is in close contact with other educational institutions, SURF and the umbrella organization Universities of the Netherlands about the situation.

What does this mean for you?
At this moment Canvas is not accessible. The leaked data can be used for phishing emails. We therefore ask you to be extra alert for suspicious messages. For example, emails that arrive unexpectedly or ask to share personal information. Read more about how to recognize phishing emails here.

Help & Support
Have you received an unexpected or suspicious message? Or if you are unsure about an email, please contact the IT service desk. To discuss concerns about the situation check here where to go for this at VU.

Read the coverage of the incident from umbrella organization Universities of the Netherlands here.

Quick links

Homepage Culture on campus VU Sports Centre Dashboard

Study

Academic calendar Study guide Timetable Canvas

Featured

VUfonds VU Magazine Ad Valvas Digital accessibility

About VU Amsterdam

Contact us Working at VU Amsterdam Faculties Divisions Privacy Disclaimer Safety Web Colophon Cookie Settings Web Archive

Copyright © 2026 - Vrije Universiteit Amsterdam