THE UST Cloud Campus will be placed under security maintenance as part of precautionary measures following a cyberattack on the learning management system (LMS) Canvas.
According to a memorandum from the Office of Information and Communication Technology (OICT), the security maintenance will begin on Saturday, May 9, and continue until Sunday, May 10, during which a system-side re-login and account reauthentication will occur.
“This precautionary measure is intended to strengthen access security controls and reduce the risk of unauthorized access to the UST Cloud Campus,” the May 8 memorandum said.
“By requiring users to verify their identity again, the University helps ensure that only properly authenticated users regain access to the UST Cloud Campus,” it added.
Thomasians were advised to save necessary course files or assignment drafts until Friday, May 8, the OICT said.
Thomasians were also instructed to enable multi-factor authentication on their UST Google Workspace accounts for added security and to change their account passwords.
OICT reminded Thomasians to be vigilant against phishing attacks, citing examples of deception such as threats of account deletion or grade failure, suspicious email senders, invalid web addresses, or requests for sensitive information such as passwords or student ID numbers.
Thomasians may report suspicious emails to the OICT Cybersecurity Team at cybersecurity.ict@ust.edu.ph.
OICT said teaching academic staff were requested to “exercise reasonable flexibility with deadlines, submission, and online activities” during the maintenance period.
‘No indication of unauthorized access’
In another memorandum released May 8, OICT said it was aware of the reported global cybersecurity incident affecting Canvas and was coordinating with developer Instructure to determine whether any UST-related data was compromised.
“At this time, there is no indication of unauthorized access to University systems beyond the reported platform incident,” Asst. Prof. Jerralyn Padua, assistant to the rector for Information and Communications Technology, said.
“Nevertheless, out of an abundance of caution and in line with prudent cybersecurity practices, we strongly encourage all users to update their passwords, enable available security features, and remain vigilant against phishing emails, suspicious links, and other social engineering attempts,” Padua added.
On May 6, Instructure declared its platform to be “fully operational” in a status update after a security breach compromised user data across several institutions.
“While our investigation continues alongside our outside forensics experts, at this stage we believe the incident has been contained,” Steve Proud, Instructure’s Chief Information Security Officer, said on the Canvas status page.
Instructure reported that the breach compromised identifying information, including names, email addresses, student identification numbers, and internal messages.
The company, however, clarified that its investigation had yet to find evidence that sensitive data, such as passwords, dates of birth, government identifiers, or financial information, were stolen.
“If that changes, we will notify any impacted institutions,” it stated.
While the full list of affected schools has yet to be publicly disclosed by Instructure, De La Salle University said on May 7 that it was among the institutions compromised, according to a report by student publication The LaSallian.
Other institutions like Ateneo de Manila University and San Beda University also experienced disruption in their Canvas when the platform turned offline Friday morning due to global system maintenance.
A group of cyberhackers named ShinyHunters claimed responsibility for the attack and reportedly demanded ransom from Instructure to keep the data from public release.
UST migrated to Canvas in 2023 after two decades with Blackboard LMS, turning it into a central hub for the University’s hybrid instruction.
