A damaged laptop entombs an important essay. The least useful member of a group project accidentally deletes the shared Google document. A burrito consumed on the eve of a crucial presentation fulfills an untimely revenge.
But what if these horrors weren’t yours alone? What if all students, and their professors for that matter, found themselves living a shared nightmare at the worst possible time? That’s what happened last week when hackers struck the learner management platform Canvas, shutting down access for several hours as finals loomed at colleges across the country.
The outage barred students from study materials, disrupted exams and threatened to undo the completed work of students and instructors alike.
This was no small event but rather a portent of growing challenges as more college and K-12 students alike turn to online classes for their convenience and flexibility.
Close to home, the Canvas breach hit the University of Minnesota and University of Wisconsin systems. It struck blue blood institutions like Harvard, Columbia, Georgetown and Rutgers. In total, more than 40% of all American universities — almost 9,000 schools in all — may have been affected by the Canvas hack.
For most students, the outage was relatively brief — a few hours on May 7. The timing, however — during the peak of due dates at the end of the school year — was devastating. Furthermore, it’s not yet clear how much student data the hacking organization “ShinyHunters” took. They had access for more than a week and are now holding information for ransom.
Instructure, the parent company of Canvas, said that it shut down the entry point that the hackers used, but it will take time to determine the true scope of the damage.
More than a momentary scare, this breach demonstrates a deeper problem. When tuition-paying students and their colleges outsource classrooms to third-party providers, events like this will always be a risk. And while efforts to mitigate that risk are robust and usually effective, the danger can never be eliminated.
I know quite well the impact of this kind of outage. For two decades, I taught full time at a community and technical college in the Minnesota State system. My 2004 graduate thesis was about teaching communication classes online — something some considered preposterous at the time.
Today, students clamor for online classes. In Minnesota, almost 63 percent of all college students took at least one online course, according to 2024 data from the National Center for Education Statistics. Forty-one percent were exclusively enrolled in online courses.
The demand is so great that the Minnesota State system recently announced plans to downsize campus buildings across the state to reflect the declining use of brick-and-mortar classrooms.
Minnesota State colleges use a platform called Brightspace, similar to Canvas. More than half of my students were fully online. I also used Brightspace in my face-to-face classes to share learning materials, collect assignments and update grades. By the time I left my position last year, most instructors did this. Students expected it. That means that even on-campus classes rely heavily on these learning management systems to deliver content.
But there was a reason I always kept a paper gradebook to support the online one that students could see. A breach like last week’s was inevitable, and it won’t be the last.
The appeal of providers like Canvas to schools is obvious. By contracting with a specialized service, colleges avoid the enormous cost of designing, maintaining and protecting their own learning management system. Colleges simply don’t have enough staff or resources.
And while security and data protection is a priority for companies and universities alike, when so many schools use the same provider, hackers see a target that’s hard to pass up. It only takes one failure. If a student throwing spitballs can disrupt a classroom, imagine a spitball machine that disrupts every classroom in every college in the country. That’s the difference.
Perhaps the greater concern is homogenization. A college classroom is usually distinguished by the teacher in the room. The same should be true online, but it takes a lot of conscious effort to replicate human experiences in platforms like Canvas or Brightspace.
In the years I spent as a faculty trainer, I showed colleagues how to use the software to design effective online courses. But education is more than just technology. The only way to truly reach online students is to respond quickly, offer meaningful feedback and create original content. But if the tech fails, it all goes out the Window(s).
My advice always included making backup plans. That might mean communicating by email, video conferencing or even, if things went really sideways, meeting in a room where you could deliver the content verbally. Crazy, I know, but it does work.
The popularity of online courses is less about students preferring the delivery method and often more about the fact that students need to work while attending college to afford it in the first place. Twenty years ago, nontraditional students might have put their kids in child care to attend classes. Today, that option is too expensive and, as I explained recently, might not even be available for many rural students.
Like so much of life today, the growth of conveniences correlates with the rising cost of living.
We can trace a line between classes at any of Minnesota’s colleges and universities through an academic tradition that dates to ancient humanity. This tradition emphasized a curriculum that expanded the mental capacity and critical thinking of human beings. It endured political purges, wars and the end of civilizations. If a group of hackers can knock it down, we’re not doing it right.
©2026 The Minnesota Star Tribune. Distributed by Tribune Content Agency, LLC.
