Dear parent/carer,
We are writing to let you know about a recent security incident involving Instructure, the supplier that provides our Canvas/ALO learning platform.
We have now been informed that some data held in that supplier system relating to Activate Learning staff and students was accessed and stolen by an unauthorised actor.
Instructure’s current public update says the information involved can include names, email addresses, student ID numbers and messages among users, and that it has found no evidence at this stage that passwords, dates of birth, government identifiers or financial information were involved.
Increased vigilance
While we’ve had assurances that the ALO platform is still completely safe to use, the most immediate concern is that stolen contact information may be used in convincing scam messages or calls.
Please urge your child to be cautious of any communication claiming to be from Activate Learning, Canvas, IT, student support or another trusted organisation if it creates urgency, asks for payment, asks for personal information, asks your child to reveal a password or one-time security code, or asks for a sign-in request to be approved.
If your child receives a suspicious email, text or call, do not use the contact details in that message.
Instead, they should end the contact and reach us via Activate Learning’s Data Protection Officer. Please also remind your child not to share passwords or one-time codes, and not to approve an unexpected sign-in request.
We’re sorry for any concern this may cause. If our review shows that a learner had additional specific data affected, we are contacting those individuals directly.
If you or your child receives a suspicious personal email, it can be forwarded to the Data Protection Officer.
Kind regards
Activate Learning