Cybersecurity Response
In light of digital and cybersecurity challenges, San José State University (SJSU) and the California State University (CSU) work around-the-clock in tandem to safeguard student and employee data and restore secure functionality as quickly as possible.
This page serves as a repository for updates and official university communications on disruptions to or unplanned, emergency suspensions of information technology systems; teaching and learning software; enterprise and operational applications; communications and telecommunications infrastructure; internet and network systems; and other digital tools provided, managed, or contracted by SJSU and/or the CSU.
To see the operational status of all software and network systems, view the live page below. Or, request assistance from IT or report an issue.
Canvas Cybersecurity Incident
The week of May 4, 2026 San José State University was informed of a recent cybersecurity incident involving Instructure, the vendor that provides Canvas, the university's learning management system.
As of May 8, Canvas is operational again. Out of an abundance of caution, the CSU has removed blocked access and redirects but continues to work to restore secure integration between CSU systems and Instructure's Canvas. The latest updates from the CSU systemwide office will be on the Incident Page.
The threat actor accessed data from many educational institutions worldwide stored at Instructure’s site that likely included information from the CSU. Instructure is still confirming what data may have been exposed, but based on their preliminary assessment, it may include personal information such as names, email addresses, student ID numbers, and user messages. At this time, neither Instructure nor we can confirm whether any individual’s data at SJSU was included. Canvas does not store passwords, Social Security numbers, financial information, or dates of birth.
Out of an abundance of caution, we encourage all community members to remain vigilant for phishing or suspicious communications and to report any such activity to [email protected].
- May 8, 2026, 11 a.m. Community Update from the Provost: Canvas Restoration and Guidance for Finals and Grading
- May 8, 2026, 9:45 a.m. Community Update: Canvas Cybersecurity Incident Update
- May 7, 2026 Community Update: Canvas Cybersecurity Incident Update
- May 6, 2026 Community Update: Canvas Cybersecurity Incident Notification
Frequently Asked Questions
Is Canvas down?
Canvas is down across all CSU campuses, including San José State. The CSU has blocked or redirect access out of an abundance of caution and will not restore access until the CSU is confident the system is secure. Instructure is working diligently to gather more information and get systems restored.
This situation is fluid, and the CSU is working with Instructure to determine the full scope of impact and will provide updates as soon as they are available.
Please continue to refer to the CSU Canvas Incident Reports page for updates and resources for affected individuals. If you have any questions or concerns, please contact the IT Help Center.
How do I stay safe online or using any digital tool provided to me by SJSU and/or the CSU?
SJSU Information Technology provides this guidance on cybersecurity for all students, faculty, staff and auxiliary employees.
Where can I get more information on this incident?
Visit the CSU FAQ on the Canvas Incident.
Additional information
Prevent cybersecurity exposure or risk by referring to SJSU IT's guide on cybersecurity.
If you have any safety concerns at SJSU, please contact UPD at (408) 924-2222 or report
through the Spartan Safe mobile app.
Return to top
