Data of EUR students and staff stolen following cyberattack on Canvas

Data belonging to students and staff of Erasmus University were stolen during the cyberattack on Canvas. This includes names, email addresses, student numbers and messages sent via Canvas.

Education platform Canvas has been hit by a cyberattack. The attack is believed to have compromised the data of 275 million students at 9,000 educational institutions worldwide.

On Wednesday afternoon, the university announced that data belonging to EUR students and staff had also been stolen. This includes the names of students and staff, email addresses, student numbers and messages sent by users within Canvas.

The message on the MyEUR intranet urges users to be vigilant about unexpected emails requesting personal information, as these could be phishing attempts. Users may receive a notification in Canvas asking them to re-authorise certain features. The message states that this notification is legitimate and no cause for concern.

Canvas can still be used safely. Financial details and passwords were not included in the stolen data. Instructure, the company behind Canvas, says it has taken technical measures to prevent further risks. These measures may cause minor disruptions in Canvas.

The hacker group was also behind the data breach at telecoms company Odido earlier this year. In that incident, data belonging to millions of Dutch customers were stolen and later shared on the dark web.