THE UK’s Cyber Monitoring Centre (CMC) has released an analysis regarding a recent data breach involving Instructure’s Canvas, affecting around 160 UK higher education institutions and approximately 9,000 globally. The breach involved unauthorized access and the exfiltration of confidential data by a known cybercriminal organization. Although it did not meet a critical threshold for major incidents, the CMC aims to broaden its understanding of the financial impacts of data breaches in education.
It recommends institutions prioritize security measures, such as multi-factor authentication, controlling third-party access, and conducting regular incident response tests. Furthermore, the CMC has highlighted the importance of effective communication during cyber incidents to mitigate risks, particularly about potential phishing attacks stemming from the compromised data.