Instructure has reported a further security incident affecting Canvas. Your FeedbackFruits data and systems are not affected. Here's what's happening and what you can do.
What happened
At approximately 20:41 UTC on May 7th, Instructure reported a new phase in the ongoing Canvas security incident. This follows the incident from May 1st (see here and here).
To be precise about scope: this is an Instructure/Canvas incident, not a FeedbackFruits incident. Our systems and data are not affected, nor are they the cause. Our knowledge is limited to what Instructure has shared publicly. We'll pass on further details as they become available.
The full timeline from our side is on our status page.
What we're seeing
A number of institutions have started treating their Canvas environment as untrusted until the picture clears up. Several have asked us to isolate their FeedbackFruits integration from Canvas in the meantime.
We want to make that option clearly and immediately available to everyone.
What isolation means in practice
- FeedbackFruits cannot be launched from within Canvas for the duration of the isolation.
- Your data is fully preserved on FeedbackFruits servers. Nothing is lost.
- All access through Canvas is suspended: launching activities, grade passback, enrolment and group sync, calendar updates.
We're also actively exploring options for running FeedbackFruits activities outside of Canvas, so ongoing courses can keep moving if your institution decides to step back from Canvas for a period. We'll share concrete guidance on this as soon as we have it.
How to request isolation
Email your Partner Success Manager with integrations@feedbackfruits.com in copy. We'll action your request as a priority.
Where to follow updates