The supplier Instructure, which operates the Canvas learning platform, has been the target of a cyberattack. The University is monitoring the situation and is in dialogue with the supplier.

Updated on 12 May at 14:30

Canvas is now working normally again. Sunet and Ladok will be reactivating all integrations shortly.

Updated on 11 May at 10.00

The Canvas learning platform and the Inspera exam system are operating as normal.

Canvas provider Instructure has implemented a number of security measures.

Malmö University continues to monitor developments and will keep students and staff informed on an ongoing basis.

Please remain vigilant against phishing attempts. See instructions below.

You can read more about information and IT security here

 

Updated on 8 May 2026 at 11.37

The provider (Instructure) of Malmö University’s learning platform, Canvas, has been the target of a cyberattack. Several Swedish higher education institutions have been affected, though in different ways. Malmö University is monitoring the situation and implementing various measures, and will provide regular updates on developments.

At Malmö University, Canvas and the Inspera examination system are operating as normal.

What we know

On 2 May 2026, Instructure confirmed that it had been subjected to a cyberattack carried out by a criminal threat actor. At present, it is unclear to what extent Malmö University has been affected.

If it turns out that Malmö University has been affected, this may involve personal data from students and staff, such as names, email addresses, MauIDs and messages sent between users in Canvas.

As far as Malmö University is aware, no passwords or personal identification numbers have been leaked.

Be vigilant against phishing attempts

As an extra security measure, we would like to urge all students and staff to be on the lookout for suspicious emails that may be phishing attempts.

  • Be wary of unexpected content and do not click on links or open attachments unless you are certain the content is legitimate.
  • If you are in any doubt, please check with the sender via an alternative contact method.
  • Never disclose login details via email, in links or in files you have opened via email.
  • If you receive a suspicious message, you can forward it to support@mau.se.

Information on digital security

Updated on 5 May

Security incident

What has happened at Instructure, the supplier that runs Canvas?

Instructure has experienced a security incident. According to the provider, the incident has been dealt with and is being investigated further.

Is Malmö University affected?

At present, there is no information to suggest that Malmö University has been affected. The University is in regular contact with Instructure and is monitoring the situation closely. Nor is there any information to suggest that any Swedish higher education institutions have been affected by the incident.

Who might be affected by the security incident?

If it turns out that Malmö University has been affected, this may concern students and staff who use Canvas.

What data may have been affected based on the information currently available?

Data that may have been affected includes names, email addresses, MauIDs and messages in Canvas. According to current information, no passwords or personal identification numbers have been affected.

How is Malmö University handling the situation and how will we provide further updates?

Relevant departments within IT security, information security and data protection are involved. 

Text: Communications Department