Canvas outage disrupts Houston-area students after cybersecurity incident

Canvas went offline for Houston-area campuses Thursday, cutting University of Houston students and faculty off from the platform they use for assignments, announcements, readings and exams as finals approached. Texas Southern University, the University of Houston-Downtown, Houston City College and Prairie View A&M were also caught in the disruption, and Texas A&M University reported problems as well.

The outage traced back to a cybersecurity incident at Instructure, the company that runs Canvas. Instructure first posted about the incident on May 1, said the problem appeared contained on May 2, and reported on May 6 that Canvas was fully operational with no ongoing unauthorized activity. The company said the affected information may have included names, email addresses, student ID numbers and messages among users, but it had found no evidence that passwords, dates of birth, government identifiers or financial information were involved at that stage.

For students across Harris County, the practical hit was immediate. Canvas is more than a gradebook. University of Houston says instructors use it to communicate with students, deliver course materials, administer exams and hold group sessions online. When the system faltered, students lost a central way to reach class pages, turn in work and get urgent updates from faculty.

University of Houston said its UIT team was actively investigating and monitoring the issue. UHD describes its Canvas system as cloud-hosted by Instructure and says its goal is availability 24 hours a day, 365 days a year, a reminder of how disruptive even a short outage can be when the semester is ending and deadlines are stacking up.

Texas A&M maintains a Canvas issues and updates page for users reporting slowness and errors, reflecting how deeply the platform is embedded in daily instruction at major Texas universities. The problem was not limited to Houston or even Texas. Schools including the University of Iowa, Virginia Tech and Harvard were also reporting the same issue, suggesting a broad national disruption tied to the same incident.

Instructure recommended that customers enforce multifactor authentication on privileged accounts, review admin access and rotate API tokens or keys where applicable. For Houston-area students and faculty, the lasting concern is straightforward: access to the classroom platform can shape whether assignments are submitted, messages are seen and grades are posted on time.