Omaha Public Schools Data Not Impacted by Canvas Security Incident
Omaha Public Schools Data Not Impacted by Canvas Security Incident
![Omaha Public Schools Announcement]([{"url":"https://resources.finalsite.net/images/f_auto,q_auto,t_image_size_1/v1757345132/wwwopsorg/rczh6mqczwscvqid7ruv/AnnouncementLogo.png","width":256},{"url":"https://resources.finalsite.net/images/f_auto,q_auto,t_image_size_2/v1757345132/wwwopsorg/rczh6mqczwscvqid7ruv/AnnouncementLogo.png","width":512},{"url":"https://resources.finalsite.net/images/f_auto,q_auto/v1757345132/wwwopsorg/rczh6mqczwscvqid7ruv/AnnouncementLogo.png","width":600}])
Update:
On May 26, 2026, Instructure, Inc., owner of the Canvas learning management platform, confirmed that Omaha Public Schools was not impacted by the May data breach detailed below.
Posted May 8, 2026:
This week, we learned that a security incident at Canvas, a cloud-based learning management platform used by Omaha Public Schools, potentially impacted our district along with other K-12 and higher education institutions nationwide.
It is important to note: No Omaha Public Schools systems were involved in the security incident.
The security incident happened within the Canvas platform, which is owned by Instructure, Inc. The company has engaged with experts to investigate the incident and will continue to keep us updated. The extent of the incident and the impact are still under investigation.
Our district uses Canvas in connection with middle and high school classes, throughout the Omaha Virtual School and for staff professional learning. According to the company, the potentially impacted information includes student and staff names, email addresses, student/staff ID numbers, school or work locations and messages sent within the Canvas platform.
We do not yet know the extent to which any information from our district may be involved. We are communicating directly with you because of how seriously we take our responsibility to students, staff and families.
As Instructure, Inc. investigates and addresses the reported incident, Canvas is currently operational for our district. Our Omaha Public Schools Information Management Systems team has been actively engaged and is vigilantly monitoring district systems. We have high expectations for vendor partners and will review practices and procedures to provide the best possible data security for those we serve.
We recommend all members of the Omaha Public Schools community stay especially vigilant for “phishing” messages. Here are several signs of someone trying to access your personal information:
- Urgent call to action or threats
- First time or infrequent senders
- Incorrect spelling or grammar
- Suspicious links or unexpected attachments
- An email address that does not match the company it claims to be from
- An unrecognized request for access
If a message seems suspicious, do not engage. If you receive an unprompted request for two-factor authentication, do not click it! Flag it and report it to helpdesk@ops.org.