OU and Norman Public Schools are part of a worldwide Canvas data breach by a hacker group.
On Thursday afternoon, OU students attempting to access Canvas, the university’s learning management system, were met with a message from ShinyHunters, a criminal extortion group. The group has frequently targeted Canvas’ developer, Instructure.
Upon opening Canvas, a message from the hackers threatens the release of student data and states Instructure has until the end of the day on Tuesday to respond.
A Thursday afternoon email sent by OU Senior Vice President and Provost André-Denis Wright and Senior Vice President and OU Health Provost André-Denis Wright Gary Raskob confirmed the cybersecurity statement and wrote that the university was aware of the issue.
“This is a global issue affecting institutions worldwide, and Canvas services are currently experiencing disruptions,” the email reads. “…The University recognizes this disruption comes as students prepare for final exams and end-of-semester coursework and is committed to supporting students, faculty, and staff during this time.”
The email states that OU will provide updates as more information becomes available.
OU Marketing and Communications sent the same statement in an email to the Daily Thursday evening.
As of 3:48 p.m. Thursday, OU’s Canvas page redirects to an error page on OU’s website.
Screenshot of OU’s Canvas page featuring a message from hackers on May 7, 2026.
On Wednesday, Norman Public Schools sent an email to families and staff confirming its Canvas system had been accessed by a third-party system.
“Based on the information provided to us, the data involved appears to include limited personal information,” the email reads. “At this time, there is no indication that passwords, dates of birth, government identifiers, or financial information were involved.”
According to the email, the compromised data may potentially include names, email addresses, student ID numbers and private messages sent within the Canvas platform.
Instructure states there is no evidence passwords, social security numbers, birthday and financial information are part of the breach, the email states.
“We have received confirmation that some NPS student data was included in the breach,” the email reads. “In compliance with Oklahoma student data privacy standards, we are notifying affected families and staff.”
The email states NPS Technology Services Department is reviewing security guidance, monitoring systems for suspicious activity and coordinating with cybersecurity and legal partners as necessary.
“At this time, there is no indication that Norman Public Schools’ internal systems or network were compromised, …” the email reads. “We are actively monitoring the ongoing investigation and will continue to keep our community informed as additional information becomes available.”
A notice on the OU IT Alerts website page states it is working to resolve the issue.
OU Daily has reached out to OU IT and Instructure, but has not received a response by the time of this article’s publication.
The Daily obtained a Monday afternoon email sent to Dodge Family College of Arts and Sciences faculty and staff from Jeremy Hessman, the college’s technology strategist, stating the university is aware of the hack and will provide updates.
“OU IT and our Canvas team are aware of the ShinyHunters message when visiting Canvas.ou.edu and are working to resolve the issues,” Hessman wrote. “I will provide updates as soon as I receive them.”
According to Instructure’s status page, the company confirmed the security incident and stated it resolved a similar incident Wednesday.
Schools across the nation, including Harvard, Duke, MIT and Penn State, are also reporting data breaches.
This story was edited by Audrey McClour and Anusha Fathepure. Larkin Bock copy edited this story.
Click Here For The Original Source.
