Campus Alert Archive
UIUC

ShinyHunters Hits Finals Week: UIUC's Mass Email Postponing Every Final Exam Scheduled May 8-10 After the Canvas Cyberattack

ILotheradvisorymedium confidence
Confirmed Threat

On May 7, 2026, the learning-management platform Canvas was hit by a ShinyHunters cyberattack that replaced its login page with a ransomware message. Within hours, the University of Illinois Urbana-Champaign — one of the largest Canvas customers in the country — announced via mass email Thursday evening that ALL final exams and assignments scheduled for Friday, Saturday, and Sunday (May 8-10, 2026) were postponed. Final exams originally scheduled for May 8 were ultimately rescheduled to Sunday, May 10. UIUC was followed by Virginia Tech, GMU, UVA, and dozens of other institutions in postponing finals.

Alerts
3
Response
Killed
0
Injured
0
Institution
University of Illinois Urbana-Champaign
Public R1 · IL
~56,600 studentsIllini-Alert / Strategic Communications
Confirmed Timeline

Alert Sequence

3 messages in sequence

Some alert texts below are approximate reconstructions from news coverage, not confirmed verbatim transcripts. Reconstructed texts are shown in italic with a dashed border. Verified verbatim texts have a solid border and are marked accordingly.

INITIAL ALERTEmail
Approximate reconstructionReconstructed from UIUC Strategic Communications statement page and WBEZ/Chicago Sun-Times reporting that quoted the Thursday-night postponement email466 chars
Important update from the University of Illinois Urbana-Champaign: Due to an ongoing cybersecurity event affecting Canvas, all final exams and assignments — including papers, projects, etc. — scheduled for Friday, May 8, Saturday, May 9, and Sunday, May 10 are postponed. Instructors will communicate rescheduled dates as Canvas access is restored. We are working with Instructure to assess the scope of the incident. Updates will be posted at stratcom.illinois.edu.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed wording — WBEZ and the Chicago Sun-Times reported the substance of the Thursday-night UIUC mass email but did not publish the verbatim text; the Strategic Communications statement page hosts the running institutional update
UIUC was among the FIRST major R1s to announce a blanket multi-day finals postponement — within hours of the May 7 evening attack
The phrase 'including papers, projects, etc.' is consistent with multiple outlet quotes from the UIUC Provost-office email
UPDATEEmail+13 h
Approximate reconstructionReconstructed from WCIA reporting confirming UIUC's Friday-morning communication that finals remained rescheduled while Canvas access was being progressively restored410 chars
Canvas Update – Friday, May 8: Canvas access is being progressively restored, but the university advises against using the platform for high-stakes activities until a full security review is complete. May 8 finals remain rescheduled. Faculty will communicate revised exam dates directly. The Cybersecurity event is being treated as a Community Advisory; there is no impact to student physical safety on campus.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed wording — WCIA confirmed the Friday-morning update but did not publish the verbatim text
The explicit statement that this is a 'Community Advisory' with 'no impact to student physical safety' is consistent with how UIUC differentiated this from emergency-notification-grade Clery alerts
Faculty discretion in setting revised exam dates is a UIUC standard practice that preserves academic-unit autonomy
UPDATEEmail+3d
Approximate reconstructionReconstructed from WBEZ Chicago reporting confirming UIUC's Monday-evening final-restoration message450 chars
Canvas Restored — Finals Rescheduling Complete: Instructure has confirmed that Canvas is fully operational following last week's cybersecurity incident. May 8 final exams were rescheduled to Sunday, May 10. Affected data was limited to names, email addresses, student ID numbers, and inter-user messages — no passwords, dates of birth, government identifiers, or financial information were compromised. We thank the campus community for its patience.

This text has been reconstructed from news coverage and may not reflect the exact original wording.

Reconstructed wording — WBEZ confirmed the substance of the Monday-evening message but did not publish the verbatim text
The Sunday-May-10 rescheduling of Friday-May-8 finals is unusual — Mother's Day is an unusual finals day and drew commentary in multiple outlets
Confirmation that no passwords/SSN/financial data were exposed is a direct quote of Instructure's published assessment, used by virtually every affected institution in its institutional communications
Context

Background

The University of Illinois Urbana-Champaign is the flagship R1 public research university of the University of Illinois system, enrolling about 56,600 students. On Thursday evening, May 7, 2026, the Canvas learning-management platform was struck by a ShinyHunters cyberattack that replaced its login page with a ransomware message and threatened to leak student data unless paid by May 12. With approximately 9,000 institutions worldwide using Canvas, the attack rippled across higher education in the middle of finals week. UIUC was among the first R1 universities to announce a blanket finals postponement, issuing a mass email Thursday evening declaring that ALL final exams and assignments scheduled for May 8-10 were postponed. The UIUC Strategic Communications office continued to issue updates as Canvas access was progressively restored. Final exams originally scheduled for Friday, May 8 were rescheduled to Sunday, May 10 — Mother's Day — drawing widespread commentary. Instructure later confirmed that affected data was limited to names, email addresses, student ID numbers, and inter-user messages. The case illustrates a relatively new category of campus 'alert': not an emergency-notification under Clery, not a timely warning, but a Community Advisory issued at scale when a third-party technology vendor's outage cascades into the academic infrastructure. UIUC's choice to use its mass-notification email channel — rather than the Illini-Alert SMS emergency-system — is itself a Clery-classification decision: the Canvas hack was not an immediate threat to student physical safety, even as it forcibly rescheduled the academic calendar of more than 50,000 students.
Analysis

Key Findings

UIUC was among the FIRST R1 publics to announce a blanket multi-day finals postponement in response to the Canvas ShinyHunters attack — within hours of the May 7 attack
UIUC deliberately used its mass-email Community Advisory channel rather than Illini-Alert SMS, signaling that this was a Clery 'advisory' (informational) rather than an 'emergency notification' (immediate physical-safety threat)
Rescheduling Friday May 8 finals to Sunday May 10 — Mother's Day — became a national news story in itself and reflected the constraint of the academic calendar (commencement loomed the following week)
The Canvas incident represents an emerging category in this archive: vendor-driven campus advisories that affect tens of thousands of students simultaneously without involving any campus-physical-safety threat
Outcome
All finals scheduled May 8-10 at UIUC were rescheduled. May 8 finals moved to Sunday, May 10. Per Instructure, the breach exposed names, email addresses, student ID numbers, and inter-user messages but not passwords, SSNs, dates of birth, or financial information. UIUC's Strategic Communications office issued multiple updates over the following 5 days as Canvas access was restored.
Provenance

Sources

  1. Official
    Ongoing cybersecurity event affecting Canvas (UIUC Strategic Communications)
    stratcom.illinois.edu
  2. News
    Canvas hack leads U. of I. to postpone finals, schools scramble without popular learning tool (WBEZ Chicago)
    wbez.org
  3. News
    U. of I. reschedules finals after learning platform Canvas reaches deal with hackers (WBEZ Chicago)
    wbez.org
  4. News
    UIUC postpones finals and assignments amid widespread Canvas cybersecurity breach (Capitol City Now)
    capitolcitynow.com
  5. News
    UPDATE: Canvas restored at U of I, final exams rescheduled (WCIA)
    wcia.com
  6. Source
    2026 Canvas security incident (Wikipedia)
    en.wikipedia.org
Tags
advisorycybersecuritycanvas-hackshinyhunterspublic-r1illinoisfinals-weekvendor-incidentnon-physical-threatmass-email-advisorymay-2026-canvas-incident
Added May 2026Updated May 2026Via ingestion