THOMASIANS WILL be unable to access Canvas over the weekend as the University conducts a system-wide security maintenance on its official online learning management system, following the global data breach involving the platform’s parent company Instructure.
In a memorandum dated May 8, the UST Office of Information and Communication Technology said the University’s virtual learning portal would be down from May 9 to 10 to give way to a mandatory access security refresh.
The procedure is part of the University’s “proactive response to the recent global security incident involving Instructure” and is in cooperation with the Educational Technology Center and the Santo Tomas e-Service providers.
The global data breach was reportedly initiated by hacker group ShinyHunters, which claims to be responsible for the cyberattack against Canvas’ parent company, Instructure, this May.
“The primary goal of this maintenance is to require a system-wide re-login and account re-authentication as a precautionary security measure,” the memorandum read.
Thomasians may expect to access Canvas after 5 a.m. on May 11.
Students and professors are advised to download necessary study materials or assignment instructions before midnight today, May 8, to avoid being locked out over the weekend.
Once the system resumes its operation on Monday, Thomasians are highly encouraged to change their passwords and to enable multi-factor authentication “to provide an additional layer of account security.”
“By requiring users to verify their identity again, the University helps to ensure that only properly authenticated users regain access to the UST Cloud Campus,” the memorandum added.
Thomasians are likewise advised to “remain vigilant” against phishing scams, which are known as “urgent email scams” that compromise systems and steal users’ passwords.
“UST will never ask for your passwords, OTPs, (one-time passwords) or student IDs through email.”
ShinyHunters claims that it has leaked data totaling 3.65 terabytes, alleging that the data leak involves around 275 million users worldwide from around 9,000 academic and business organizations.
UST was among the listed institutions supposedly affected by the global data breach.
The cybercrime group also claimed that files, such as institutional email addresses and student ID numbers, were leaked as “victims did not pay a ransom or cooperate and comply with the group.”
Some information that was reportedly stolen include users’ full names, private messages on Canvas and “course metadata,” which contains information about enrollment and course lists.
Aside from UST, Ateneo de Manila University and De La Salle University are among the Philippine universities that have been affected by the Instructure data breach.
International higher education institutions, including Stanford University, Harvard University, University of Pennsylvania and University of Minnesota, also reported compromised security systems. F
