Instructure, the vendor of the platforms used by UT, and by Austin ISD for communication between teachers, students and parents, is working once again. UT Austin told told faculty and staff Friday that the global “disruption” affecting the platform had been resolved.
In an email to parents Friday, AISD officials also confirmed that Instructure had restored their services. But they said the district would take a “cautious approach” regarding the use of the platform.
“Before we are prepared to restore access for our users, we must first complete our own internal security checks,” they said.
BLEND is the platform used by teachers and students to view assignments, due dates and course materials. Teachers also use it to communicate with students and parents. AISD officials said they expect to finish their internal security checks by the end of Friday and BLEND would be working as normal by Monday morning.
AISD was included in a long list of schools and universities affected by a cyberattack after the platform “BLEND” went down Thursday afternoon and was replaced by a message from a hacker identified as “ShinyHunters.” The hacker said affected schools had until Tuesday to negotiate a settlement before internal data was made public.
KUT News received screenshots Thursday from parents at McCallum High School and teachers at other schools that show the message sent by the hacker to the the district.
“ShinyHunters has breached Instructure (again). Instead of contacting us to resolve it they ignored us an did some ‘security patches,'” the message read.
In the message, “ShinyHunters” told schools it was open to negotiating a settlement before May 12. The hacker said if schools wanted to prevent data leaks, they must consult a cyber advisory firm and contact them privately. It is unclear how Instructure fixed the issue.
In a statement to parents, AISD officials said the attack was on BLEND’s parent company and not the district itself. District officials said their security teams are confident that the attack will not impact AISD’s systems because of their “proactive investments in added security layers,” including multi-factor authentication.
The data housed on the BLEND platform includes names, email addresses, student IDs and personal messages between teachers and parents or students.
District officials said that, as precaution, they removed access to the platform from the district’s portal until they can verify it’s safe. They encouraged families to avoid logging into BLEND from home and said they are investigating the incident and will provide updates when they have them.
It was part of a larger attack on Instructure, the parent company of Canvas, which runs BLEND. Thousands of universities and schools have been allegedly affected by the breach, including Harvard, Duke and The University of Pennsylvania, which adds up to hundreds of thousands of affected users.
UT Austin also announced a “Canvas” outage Thursday night and said the outage was impacting grade reporting.
“We are actively assessing the situation and monitoring updates regarding system availability and functionality,” said UT officials on a message on the website of the Registrar’s office posted Thursday afternoon.
A student confirmed with KUT News on Thursday that they couldn’t access their Canvas account.
On Monday, UT Austin officials sent an email to students and staff saying that Instructure disclosed information on May 1 about a cybersecurity incident. They said they were working with the company to assess specific impacts to the university’s systems or data.
“The company stated that it has found no evidence that passwords, dates of birth, government identifiers, or financial information were involved,” UT officials said.
At the beginning of April, AISD officials said the district was experiencing network lags and connectivity issues caused by targeted cyberattacks.
KUT reached out to Instructure for comment but has not heard back.
Click Here For The Original Source.
