A major cybersecurity breach has impacted multiple school districts across the Charlotte region, raising concerns for thousands of students and families.
Charlotte-Mecklenburg Schools, Rock Hill School District, York School District, and Clover School District were all affected after hackers accessed data through the Canvas learning platform.
Canvas is operated by Instructure, which confirmed the breach involved unauthorized access by what it described as a “criminal threat actor.”
The company reported the incident on May 1 and said it was contained by May 2. However, officials say some user information may have been exposed during the attack.
Potentially compromised data includes names, email addresses, student ID numbers, and messages between users on the platform.
The breach could have far-reaching implications. One report estimates that data from nearly 9,000 schools, colleges, and programs worldwide may have been involved.
Not all local schools were impacted. The Fort Mill School District, Lancaster Schools, Winthrop, and other local institutions using other platforms—such as Google Classroom or Brightspace—were not affected by this incident.
Even so, school officials are urging families to remain cautious. Students and parents should avoid clicking unexpected emails or suspicious links and report any unusual activity to their school.
For the Charlotte region, the breach highlights growing cybersecurity risks in education systems. As schools rely more on digital platforms, they are becoming larger targets for cyberattacks.
Officials say the situation is under control, but the investigation is ongoing as districts continue assessing the full scope of the impact.
