Subject: Canvas Data Breach Notification
On the afternoon of Tuesday, May 5, 2026, Dixon Public Schools was informed by Instructure of a recent data breach within their Canvas Learning Management System. The data breach allowed unauthorized access to certain information stored within their systems. A third party has claimed responsibility for accessing a database containing student and staff records.
According to the investigation, the schools impacted are Dixon High School and Reagan Middle School and the data potentially accessed includes:
Full names and email addresses
Course enrollment information
Canvas messages between users
The safety and privacy of our students are top priorities. Our Technology Department is in direct communication with Instructure to determine the full extent of the impact on Dixon Public Schools. We are also reviewing internal security protocols and third-party vendor requirements to prevent future occurrences. Instructure will follow up with information and resources to help any people impacted.
Our school district takes data security very seriously and has several robust measures in place to safeguard our systems:
Two-Factor Authentication: For key systems, staff must verify their identity with a second factor, such as a security key or text message authentication, in addition to their password.
Processes and procedures for systems that control where key information is stored.
Access security best practices and internal controls that restrict who has rights to view, add/delete, or edit information.
We understand this news is concerning. We will continue to provide updates as more information becomes available from Instructure. If you have any immediate questions, please contact James Manley at jmanley@dps170.org.
Sincerely,
James Manley
Director of Technology
Margo Empen
Superintendent of Schools