- What happened?
- Exams and assessments
- Accessing learning resources
- Data security
- What you need to do
- What the University is doing
- Help and support
- Frequently Asked Questions (FAQs)
What happened?
In May, Instructure, the company behind Canvas confirmed that a third-party gained unauthorised access to some user data as part of a cyber security incident affecting educational institutions worldwide.
Latest update
On 12 May, Instructure confirmed they reached an agreement with the unauthorised third-party. Canvas continues to be available for students to access.
Students with submission due on Friday 8 May should log in to submit their assessment. Students were given two working days to complete this. This means the deadline for assessments was 23.59 on Tuesday 12 May. For more information scroll to the exams and assessments section on this page.
Exams and assessments
Students who have exams, practical assessments or teaching on campus should still attend as scheduled. Affected students will have been directly contacted by their School.
Submitting your assignment
If you had submission due on Friday 8 May, you can now submit your assignment via Canvas as normal. You will have two working days to complete this. This means your assignment must be submitted by 23.59 on Tuesday 12 May.
Exams and assessments
- In-person exams continued as normal.
- In-class tests which would have taken place on Canvas have been rescheduled.
Please be reassured that we are working closely with Schools and academic teams and students will not be disadvantaged in relation to teaching, learning or assessments.
Accessing learning resources
The Online Library is available to access learning resources, including textbooks and journals.
- Visit the Online Library in Studynet: https://studynet.herts.ac.uk/studynet/Library. Use the library search to find books, eBooks and journals.
- Access your module reading lists at https://herts.rl.talis.com/index.html. You can search by module code or title.
- Our Learning Resources Centres remain open 24/7 to support you with your studies
Data security
Instructure have advised the user data may include the following:
- Names
- Email addresses (@herts.ac.uk and personal email addresses)
- Student ID numbers and user names
- Messages between users
- Course information
Please be assured that passwords, financial details, or dates of birth are not stored in Canvas and there is currently no indication that University of Hertfordshire student or staff data has been misused.
Our teams are working with Instructure to continue to monitor and investigate the incident.
What you need to do
There is no immediate action required at this stage. However, please stay alert for suspicious emails or messages especially those asking you to log in, reset passwords or share personal information. Incidents like this can increase the risk of phishing (scam emails or messages).
- Don’t click on any unexpected links or attachments
- Never share personal, financial or login details. The University will never ask for your password.
- Report anything suspicious immediately to IT Helpdesk.
Protect yourself by following these tips: How to spot a scam email, text message or call
What the University is doing
Keeping your data safe is very important to us. In response to this incident the University is:
- Reviewing the outcome of the incident with Instructure and continuing to assess any ongoing impact
- Continuing to monitor our systems for any unusual activity
- Strengthening our systems and security measures to ensure our data and systems remain safe and secure
Help and support
If you’re unsure about a message, think your account may have been targeted or need support:
- Contact the Helpdesk
- Telephone: +44 (0)1707 284678 or ext 4678. (available 24/7)
- Email: helpdesk@herts.ac.uk (Monday to Friday 08:00 to 17:00)
If you feel worried or affected, you can contact Student Wellbeing for support.
- Contact Student Wellbeing for free, confidential help.
- Use the 24-hour Student Wellbeing helpline if you need support at any time.
Frequently asked questions
I couldn’t access the teaching material between 7-8 May
Your module leader should have been in touch on Friday 8 May to share teaching materials if you had submission dates on the same day.
If you have any concerns or you did not hear from your module leader, please contact them immediately. If you were affected between 7-8 May by not being able to access teaching materials for an assignment, you may wish to consider applying for an extension for the assignment.
I could not access teaching materials which affected my exam
If students were affected last night (7 May) and today (8 May) by not being able to access teaching materials for exams they could submit an Exceptional Circumstance request for the module concerned indicating the Canvas security incident as the reason.
Do we expect the incident to have an on-going impact deadline, marking, boards, Graduation and results?
While Canvas was unavailable, staff will not have had access to complete marking or feedback. Therefore, we expect there will be a short delay in feedback but this is expected to be minimal. There may be a 48-hour delay and this is not expected to impact boards, Graduation or visas. If you have concerns about this, please contact your programme leader.
Do I need to check that any recent submissions are still there on Canvas?
Recent submissions should still be there on Canvas but please do check if you submitted something on the evening of 7 May before Canvas was unavailable.