When Canvas Went Down, So Did the Classroom

The rubric was locked inside the software. The software was down. And a student had seven hours left.

That was the situation facing a professor at Washington University in St. Louis last week, when Canvas—the learning management system used by roughly 40 percent of North American colleges—went offline following a ransomware attack. The hackers, reportedly linked to previous breaches at Google and Ticketmaster, threatened to release the personal data of 275 million Canvas users unless Instructure, the company behind the platform, paid up. They chose their moment deliberately: finals week, when the leverage is highest and the tolerance for disruption is lowest.

What unfolded over the next 24 hours was less a cybersecurity incident than a stress test of how thoroughly universities have handed over their core functions to outside software providers—and what it costs, in human terms, when those providers fail.

A Day Spent Fighting the Tools

The professor's account, published in The Atlantic, reads less like a crisis dispatch than a quiet comedy of compounding absurdities. Unable to access Canvas, he couldn't see his own grading rubric—the document he himself had written—to advise a panicked student on how to approach her final project. Unable to email his class directly, because student-faculty communication had been routed through Canvas, he logged into Workday, the enterprise software his university had spent hundreds of millions of dollars implementing, to find a course roster and send a message through an interface he barely recognized. He wasn't sure the message went through.

Late that night, Canvas briefly came back. He extended the deadline to noon the next day and sent an announcement. He also sent the same message through Workday, just in case, and noted in each message that he had sent the same thing through the other platform. "Out of an abundance of caution," he wrote—and then admitted he no longer knew what, exactly, he was being cautious about.

The next morning, Canvas went down again. This time, the university itself had pulled the plug, preemptively, to prevent further exposure. A colleague in computer science raised the obvious question in the faculty Slack: why had so many universities placed their faith in a single outsourced provider? An IT staff member responded by advising everyone to submit a ticket for any Canvas or Workday problems. The professor composed a reply. Then deleted it.

One student couldn't log in at all—not because Canvas was down, but because her phone had died, and two-factor authentication requires a working mobile device. She emailed her project as an attachment. Just in case.

The Architecture of a Single Point of Failure

Sponsored

Advertise with Us

[email protected]

Sponsored

The timing of this attack was not incidental. Ransomware groups targeting hospitals have long understood that the highest-value moment to strike is when lives are most directly on the line. The logic applied here is structurally identical: hit an educational platform during finals week, and suddenly the hostage isn't just data—it's thousands of students' academic records, grades, and deadlines.

This leverage exists because of a decade-long consolidation in educational technology. Where universities once maintained their own systems—imperfect, aging, but locally controlled—most have migrated to a small number of cloud-based SaaS platforms. Canvas, Blackboard (now Anthology), and Moodle together serve the vast majority of higher education globally. The efficiency gains are real. So is the concentration of risk.

When a single platform serves 40 percent of North American colleges, a single successful attack doesn't disrupt one institution. It disrupts thousands simultaneously, at the worst possible moment, with no immediate fallback. The professor's university had no pre-established protocol for how to close out a semester without Canvas. The answer, when it came, was to use a different piece of software.

What the Rubric Reveals

There's a subtler problem embedded in this story, one that goes beyond infrastructure resilience.

The rubric—the detailed grading criteria the professor had written for his assignment—existed only inside Canvas. He could not consult his own judgment criteria without the platform's permission. When his student asked whether changing her project plan would hurt her grade, he could not answer. Not because he didn't know, but because the software that held his knowledge was unavailable.

This is worth sitting with. The rubric was invented to reduce arbitrariness in grading, to make assessment more transparent and consistent. But it has also become a data-collection instrument—a way for universities to demonstrate "learning outcomes" to accreditation bodies, to roll up results into institutional reports, to justify the software that generates those reports. The professor notes this circularity without quite naming it: the rubric justifies Canvas, Canvas hosts the rubric, and when Canvas disappears, so does the professor's ability to exercise professional judgment in the moment it's most needed.

Software designed to support teaching had become, structurally, a precondition for it.

The Nostalgia Isn't Just Nostalgia

At one point during the outage, the professor watched an episode of Mad Men in which characters communicate via pay phones that may or may not connect. He reflects that nostalgia for the 20th century is, in part, a longing for a time when human interactions felt more direct—even when they failed. A failed call from a pay phone was still a human act. A downed platform is a system failure that no one chose and no one can fix by trying harder.

This isn't technophobia. It's a precise observation about what happens when the infrastructure of communication becomes opaque and centralized. Students emailed their projects "just in case." They asked for confirmation of confirmation. Every interaction was saturated with anxiety not because the stakes were unusually high, but because the tools had made ordinary uncertainty feel unmanageable.

The professor ended his exchange with the student whose phone had died with two words: "What a world." He then waited, hoping she wouldn't ask for explicit confirmation that he'd received her reply. An hour passed. She didn't. He felt relief at the small ambiguity—a sliver of human understanding that didn't require a platform to exist.