Update 12 May, 16:22 During the day we have received information that Instructure, the Canvas provider, has reached an agreement with the threat actor responsible for the attack. The provider has stated that it has taken measures to limit the dissemination of the relevant data.

Södertörn University is continuing to manage this matter with caution. It is still unclear how information accessed by the threat actor has been dealt with or could be dealt with in the future. Our work on managing the incident and implementing security measures is ongoing.

Update 11 May, 08:00 SH-StudyWeb is now open. After completing security measures, the crisis management team has decided that SH-StudyWeb can be re-opened for logging in. All integrations between Canvas and other tools were disabled on Friday. These are now being reactivated on an ongoing basis, but it may take a while until SH-StudyWeb is working normally again.

Update 8 May 11:10 SH-StudyWeb shut down. The university’s crisis management team has made this decision as a security measure and are working on the problem. Students who have to to hand in assignments should contact the subject or the teacher.

Update 6 May 10:14 Instructure has now informed us that Södertörn University is one of the universities affected by the hack. They are working to establish the extent of the breach and what information has been leaked. Södertörn University takes the situation seriously and has introduced measures, which include daily two-factor authentication when logging in to SH-StudyWeb. The university has also reported the incident to both the Swedish Authority for Privacy Protection and the Swedish Civil Defence and Resilience Agency.

Original article:

The supplier’s current assessment is that the incident is limited; they are investigating in partnership with external security experts. At present, we do not know whether Södertörn University has been affected. Information that could been compromised may include user details like names, email addresses and student IDs, as well as messages between users on Canvas. There is currently no evidence to suggest that any passwords have been compromised.

Södertörn University is in dialogue with Instructure and has involved specialist functions in IT security, information security and data protection.

What can you do?

As a precaution, we recommend that you:

• pay attention to suspicious email messages or login requests
• do not share your login details
• use strong and unique passwords