Students alter data during Canvas glitch

Canvas had a security breach allowing 3 Weber State University students to go in and change course data.

Three Weber State University students attempted to alter course data during a statewide Canvas update Tuesday that inadvertently gave students temporary instructor-level access.

In a memo to all WSU faculty members sent out today, Andrea Jensen, director of WSU Online, stated the instructors in the three classes where students changed grades were contacted today. However, Jensen was unavailable to comment on which courses were altered, who teaches those courses, and what data the three students attempted to change.

“It’s not safe to assume that the students changed grades,” said John Kowalewski, executive director of University Communications.

According to a press release issued by Utah Education Network and Instructure, the company that hosts Canvas, the statewide unauthorized access occurred from 12:30-1:45 a.m. and 11-11:30 a.m.

Kowalewski said that, out of more than 20,000 WSU students who use Canvas, only 46 had instructor-level access.

“To the best of our knowledge, those 46 students only had that access during the first time period,” Kowalewski said.

Out of the 174,000 students in the Utah System of Higher Education, 278 students were given teacher-level access during these two time periods, according to UEN and Instructure. Those students were thus able to view grades and “39 changes were made.”

Jensen’s memo stated, “An activity log provided by Instructure . . . allows us to see every score, assignment or quiz that was viewed or altered and restore the original information.”

Kowalewski said he believes it will be up to those individual faculty members to determine what, if any, course of action they would like to pursue.