UPDATE 5/8/26, 8:50am: According to an email sent from their University Communications, New Mexico State University reports that Canvas service has been fully restored:
Dear NMSU Community,
Canvas service has been fully restored, and access was re‑enabled at 8:00 AM Mountain Time (MT).
To support students and faculty impacted by the outage, a grace period will be extended for all Canvas activities that were due on May 7 and May 8. These activities may be submitted through 11:59 PM Mountain Time (MT) on Monday, May 11.
Faculty may use their discretion to allow additional time beyond this grace period if they determine it is needed for their courses.
Instructure, the company that owns Canvas, has told us that after reviewing the situation with an independent security firm, there is no sign that anyone kept access to the system, accessed NMSU user accounts, or took any additional data.
Instructure, a web-based learning management system containing teachers' and students' data across the United States was disabled Thursday, with one group claiming responsibility for the breach, according to wral.com. New Mexico State University is among thousands of schools nationwide who are affected.
Earlier Thursday, a hacker group called "ShinyHunters" said it was responsible for a data breach of Instructure, which manages the Canvas system for several schools across the country. The group said it would release data it acquired through the breach unless it was paid a ransom.
"Instead of contacting us, to resolve it, they ignored us and did some 'security patches,'" the group wrote in the note. The group said affected schools could negotiate a settlement and had until May 12 to do so.
This is a developing story and will be updated as more information becomes available. Last updated 5/8/26 at 8:50am