Berklee has confirmed that a data breach occurred at Instructure, the third-party vendor that provides our Canvas LMS. While this incident occurred on Instructure’s systems and was not a breach of Berklee’s internal networks, our institution is among those affected.
Impact Assessment The Berklee Information Security team has identified that the following information was compromised: User Data: Names and Berklee email addresses. Institutional Identifiers: Student ID numbers. Communications: Private messages exchanged within the Canvas inbox.
Confirmed Secure Systems Berklee OnePass Credentials: Login passwords remain secure and were not part of this breach. Financial & Sensitive Data: No social security numbers, government identifiers, or billing data were involved. Berklee Internal Networks: Our campus networks remain secure and unaffected.
Instructure and the Berklee Information Security team continue to monitor this situation and will provide updates as they come in.
Posted May 06, 2026 - 13:19 EDT
Investigating
Berklee has been made aware of a data breach occurring at Instructure, the third-party vendor that provides our Canvas LMS.
Our Information Security team is currently investigating the potential impact on the Berklee community. Preliminary information suggests that student names, ID numbers, and communications within the Canvas Inbox may have been compromised.
It is important to note that this incident occurred on Instructure’s systems and is not the result of a breach of Berklee’s internal systems or networks.
What we know currently: Berklee OnePass/Logins: Not affected. Financial/Social Security Data: Not affected. Berklee Networks: Secure and unaffected.
We will provide further updates as our investigation continues and as more information is released by Instructure.