ICO affected by IT incidents

A fire in a data centre last week has caused problems with Utrecht University’s network, applications and websites. Utrecht University is our host university, and subsequently host of ICO’s digital systems. This had a significant impact on the day-to-day work. The recovery plan for restarting the servers has been successfully implemented over the past few days. All systems are available again from Monday 18 May and Utrecht University’s buildings have reopened as normal from Monday 18 May. 

A hack of LMS Canvas has affected several universities in the Netherlands, and ICO. ICO uses the free platform of Canvas, to enable cross-university collaboration on our online and blended courses. The data fields involved include information like usernames, email addresses, course names, enrollment information and messages. Core learning data (course content, submissions, credentials) was not compromised. On the 5th of May, Instructure has informed all users that all data has been returned, and no Instructure customers will be extorted as a result of this incident, publicly or otherwise. This agreement covers all impacted Instructure customers, and there is no need for individual customers to attempt to engage with the unauthorized actor.

Instructure is currently working on improving the security of the free platform. As a result, it is temporarily unavailable. Fortunately, no ICO courses are currently running on Canvas, so the impact here also appears to be limited.