Update: Canvas (Learning Management System) Cyber Incident 

We are aware of a cybersecurity incident recently identified by Instructure, the provider of the Canvas learning management system used by Skills Lab. 

Based on information provided by Instructure, this incident occurred within their systems around 25 April 2026 and has involved unauthorised access to some Canvas user data. 

Instructure has advised that the Skills Lab Canvas instance has been impacted by a criminal threat actor who obtained data associated with our students' accounts. 

What this means for students:

At this stage, the types of information that may have been accessed include; 

• Name
• Email address
• Student ID number
• Messages sent within Canvas. 

Importantly, Skills Lab Canvas instance does not contain:

• Dates of birth
• Government ID numbers
• Financial information. 

Our assessment

• This incident relates to the Canvas platform (a third-party provider), not a breach of our internal systems. 
• Instructure has advised that it has taken immediate action to contain the incident, including enhancing security controls and engaging external cybersecurity experts. 

What you should do

At this stage, no immediate action is required, however as a precaution, we recommend:

• Remaining alert to any unexpected emails or messages
• Avoiding clicking on any suspicious links
• Report anything unusual to your IT provider, or if you need more guidance, follow the directions from the Australian Cyber Security Centre. 

We will continue to monitor the situation closely and will provide further updates if required.

If you have any questions or concerns, please contact training@gotoSAGE.com