Security Alert: Phishing Email “Canvas Berklee Notification”

Incident Report for Berklee IT Services

Monitoring

Our Information Security team has identified and secured the offending accounts, and the Service Desk worked with any affected users. Thank you to everyone who reported this incident. We will continue to monitor the situation.

The Technology Service Desk
Posted Feb 02, 2026 - 16:10 EST

Identified

Earlier today, our Information Security team identified a new phishing email targeting members of our community.

Email Subject(s) may be: CANVAS BERKLEE NOTIFICATION or CANVAS: BERKLEE COLLEGE OF MUSIC ACTION NOW

The email will appear to come from a Berklee email address.

This email is fraudulent. It states that your Berklee email account is “marked for deactivation”. It also warns you that you will lose access to your “university account and services”. You are then asked to verify your account. This is an attempt to steal your Berklee username and password.

If you received this email: do not click any links, open attachments, provide any sensitive information (passwords, account info), or reply.
Please delete the email immediately.

If you clicked the link and entered your credentials, change your Berklee password immediately: https://berklee.atlassian.net/wiki/x/HABzyQ

Then contact the Technology Service Desk at 2238@berklee.edu

The Information Security team in ITS is aware of the issue and is working to mitigate the situation.
Posted Jan 30, 2026 - 10:30 EST
This incident affects: OnePass Services and OneLogin.
Current Status Powered by Atlassian Statuspage