Serving the GW Community since 1904

The GW Hatchet
AN INDEPENDENT STUDENT NEWSPAPER SERVING THE GW COMMUNITY SINCE 1904
The GW Hatchet
Serving the GW Community since 1904

The GW Hatchet

Officials shut down Canvas for GW Law following nationwide security breach

By Lakshmi Dev, Assistant News Editor
May 8, 2026
Nicholas Ware | Assistant Photo Editor
The George Washington University Law School entrance.

Updated: May 12, 2026 at 12:04 p.m.

Officials removed GW Law student and faculty members’ access to Canvas following a nationwide outage after hackers breached its security system, according to an Information Technology incident update Friday.

Canvas, a learning management platform GW Law uses for all its course sites, was offline nationwide for hours Thursday after a group of hackers attacked the system and threatened to release student and faculty data from over 9,000 schools, including GW. Instructure, Canvas’ parent company, confirmed the platform was back online Thursday night, but GW IT said in an update Friday they had removed access to Canvas and temporarily shut down Parchment — the platform the University uses to process and deliver official student transcripts, also owned by Instructure — “out of an abundance of caution.”

Vice Provost for Information Technology Anna Vakulick said the University restricted access to Canvas and Parchment on May 7, “closely monitoring” GW accounts for any malicious activity. She said officials removed access to the sites to ensure GW credentials were not provided to a malicious site.

Officials have since restored access to Parchment as of Monday, however confirmed that access to Canvas for GW Law students using GW single sign-on is still restricted.

“The University continues to engage with the vendor and other affected schools in assessing the full scope of the incident, actions taken to resolve the incident and validation of those efforts,” Vakulick said in an email.

GW first posted an incident update Wednesday notifying students of a “global security incident” involving Canvas and said the platform would remain operational, though officials were monitoring the situation. GW IT Security confirmed Thursday GW Law’s Canvas access was unavailable and users would experience single sign-on errors when attempting to log in. Officials also said Milken Institute School of Public Health students, who use the platform through a “separate instance” not integrated with GW’s management systems, may potentially be affected. 

Vakulick said Milken faculty maintained instructional continuity by communicating to students over email and hosting live class sessions over Zoom as previously planned. She said for instances that utilized Canvas in some way, faculty used GW provided platforms in the interim until officials restored access to Canvas, which she said is now back online for Milken students.

Vakulick said GW Law students completed their exams, experiencing no impacts to exam administration or other final materials for evaluation.

Instructure identified “unauthorized activity” on April 29 involving its systems and launched an investigation into a potential data breach, according to its website. ShinyHunters, a hacker group, said on May 3 they had breached Instructure and gained access to data from more than 275 million people across nearly 9,000 schools and would leak it if listed schools did not meet their demands by May 6.

ShinyHunters on Thursday then defaced Canvas login pages, claiming they had breached Instructure “again” and that the company only installed “security patches” instead of complying with the group’s demands. The message said they would release the data if affected schools did not contact the group by May 12. Instructure said compromised data may include basic user information such as names, email addresses, student ID numbers and internal messages between students and instructors, though it has stated that there is no evidence that passwords, financial data or government identification numbers were accessed.

Vakulick confirmed the University did not receive any ransom demands from ShinyHunters.

Instructure said in an update Thursday at 11:17 p.m. Canvas was back online for most users, though Canvas and Parchment-supported transcript services for GW students was shut down and remained shut down through Friday as officials continued its response to the incident.

This post has been updated to include the following:

This post has been updated to include comment from Vice Provost for Information Technology Anna Vakulick and additional status update on access to Canvas and Parchment.

Donate to The GW Hatchet
$575
$1000
Contributed
Our Goal

Your donation directly empowers the student journalists of The GW Hatchet, giving them the tools to investigate, report and publish stories that matter. Every contribution helps us continue our decades long tradition of independent journalism at GW.

More to Discover
More in News
GW's employment site displays job openings for an equal opportunity investigator and lead equal opportunity investigator in the new Office of Equal Opportunity.
GW creates new positions to handle discrimination complaints, labor relations
President Donald J. Trump speaks at the kick-off event for the Great American State Fair.
Trump headlines Great American State Fair kickoff rally on National Mall
The District of Columbia Nurses Association and the George Washington University Hospital Nurses United logos on a bulletin.
GW Hospital nurses asks NLRB to reverse decision blocking union decertification vote
Donate to The GW Hatchet
$575
$1000
Contributed
Our Goal