NYC School District Hit by Malware and Canvas Platform Hack
AI-generated from multiple sources. Verify before acting on this reporting.
NEW YORK — The New York City School District confirmed on Thursday that it was the target of a coordinated cyberattack involving malware and an unauthorized breach of its Canvas learning management system. The incident, detected late Wednesday evening, has disrupted access to digital classrooms and administrative tools for students and staff across the city.
The district’s IT security team identified the intrusion at approximately 6:39 p.m. local time on May 7, 2026. Initial assessments indicate that malicious software was deployed across multiple internal networks, while attackers simultaneously gained access to the Canvas platform, which hosts course materials, assignments, and student records. The dual-pronged assault has forced the district to temporarily disable several online services as investigators work to contain the threat.
“We are treating this as a serious security incident,” said Dr. Elena Martinez, the district’s chief information officer, during a press briefing Thursday morning. “Our priority is restoring secure access for students and educators while ensuring no sensitive data has been compromised.”
The attack has affected all 1,800 schools in the district, with varying degrees of disruption. Some campuses reported being unable to access grade books or submit digital homework, while others experienced complete shutdowns of their internal communication systems. Parents expressed concern over potential exposure of student information, though the district has not confirmed any data exfiltration.
Cybersecurity experts note that educational institutions have become increasingly frequent targets of ransomware and data theft operations in recent years. The Canvas platform, widely used by schools nationwide, has been the subject of previous vulnerabilities, though no specific exploit was identified in this case.
The district has engaged third-party forensic specialists to analyze the scope of the breach and determine the origin of the attack. Law enforcement agencies, including the FBI’s Cyber Division, have been notified and are assisting in the investigation. No group has claimed responsibility, and the motive remains unclear.
Officials are working around the clock to restore systems and have advised students and staff to use alternative communication channels until further notice. A dedicated hotline has been established for affected families to report issues or seek guidance.
As of Thursday afternoon, the district had not issued a timeline for full system restoration. Questions remain about whether student data was accessed or stolen, and whether the attackers maintained persistent access to the network. The district promised to provide updates as more information becomes available.