Here are the details on the Canvas cyber attack that impacted thousands of schools.

Technology offers many tools for the benefit of society but utilization of those tools does not come without risk.

This month, schools across the globe were disrupted when a cyber-criminal hacked into Canvas, a learning management system from Instructure that is used by thousands of schools, universities and businesses in the U.S. and abroad, including the Nye County School District. This led the company to temporarily suspend use of Canvas on Thursday, May 7, creating chaos as teachers, students, parents and administrators were unable to access the system they use on a daily basis.

Service was restored to a majority of Canvas users as of the morning of Friday, May 8, with Instructure stating that as of May 11, it had come to an agreement with the cyber-criminal involved and all Canvas systems were back up and operational. However, no details were provided, financial or otherwise, on what the terms of that deal are.

“As part of that agreement: the data was returned to us; we received digital confirmation of data destruction (shred logs); we have been informed that no Instructure customers will be extorted as a result of this incident, publicly or otherwise; this agreement covers all impacted Instructure customers and there is no need for individual customers to attempt to engage with the unauthorized actor,” the status update statement reads.

Nye County School District officials said the local school district was not named as one of the entities whose data was compromised in the cybersecurity incident.

“NCSD’s internal servers and systems were never breached,” the district stated on Tuesday. “Data involved was limited to names, institutional email addresses, student/staff ID numbers and internal Canvas messages. Because NCSD uses Google for authentication, district passwords remained secure throughout the incident.”

However, officials did offer several tips for parents and students to keep in mind when using technology that is vulnerable to cyber-attacks.

“In light of the recent data incident involving our third-party vendor, Instructure (Canvas), the Nye County School District wants to ensure our students, parents and staff are equipped to protect their digital information,” a news release from this week stated. “While our internal systems remain secure and your passwords have not been compromised, some contact information (like names and school email addresses) may have been collected. This makes our community a target for ‘phishing’.”

Phishing is a common scam technique involving messages that appear to come from a person or company the intended target knows and trusts, with the aim to trick the victim into providing personal information or downloading/clicking on a link that results in malware or viruses being installed. With the use of Artificial Intelligence becoming commonplace, it is becoming ever easier for cyber criminals to tailor these messages to mimic the tone and style of the person they are imitating but there are several red flags that can give the criminal away.

“The ‘urgent tone’ - they may try to scare you by saying your account will be deleted or you’ll miss an assignment if you don’t act immediately,” NCSD advised. “Mismatched email addresses – check the sender’s email address carefully. An email might say it’s from NCSD but the actual address might be something like support@ncsd-updates.com instead of a legitimate @nyeschools.org.

“Suspicious links – hover your mouse over any link (without clicking!) to see where it actually goes. If the URL looks like a random string of number or letters, don’t click it,” NCSD continued. “Generic greetings – be wary of emails that start with ‘Dear Valued Student’ or ‘Dear Parent’ instead of your actual name. Request for passwords – NCSD will never ask for your password or phone number via email. Because we use Google to log into our systems, you should never have to provide your password to a third party.”

NCSD has implemented a temporary pause on external emails for all high school students, in an effort to block any incoming phishing attempts. Officials continue to monitor for any unusual activity within its systems.

“Education is our best defense,” NCSD concluded. “From Pahrump to Gabbs, we encourage parents to discuss digital safety at the dinner table.”

For more on the Instructure cyber incident, visit Instructure.com/incident_update

Contact reporter Robin Hebrock at rhebrock@pvtimes.com