Restoration of Quercus Access
Incident
Report for ITS System
Resolved
Update – May 11, 2026 – 18:45 EDT
Instructure, the third‑party provider that delivers Quercus (Canvas), continues to address an ongoing cybersecurity incident. The University of Toronto is beginning a phased restoration of access to Quercus starting this evening, with availability increasing gradually over the next 48 hours.
During this period, some users may regain access earlier than others, and certain features may be limited or unavailable. We expect full functionality to return next week, pending continued validation of the platform’s security.
If you encounter issues with Quercus:
Students: Please contact your instructor
Instructors: Please contact your chair or designated academic lead
Staff: Please contact your supervisor
Due to the upcoming holiday weekend and University closure on Friday, May 15, response times may be delayed. Normal support levels will resume when the University reopens on Tuesday, May 19.
There remains no evidence that other University of Toronto systems or assets have been compromised.
Users are reminded to follow security best practices, including:
Using strong, unique passwords
Enabling multi‑factor authentication (MFA) where available
Remaining vigilant for phishing—the University will never ask you to bypass MFA or provide MFA codes
Thank you for your patience as we continue to safely restore Quercus services. Further updates will be provided as information becomes available.
Please continue to monitor UTogether for updates:
https://www.utoronto.ca/utogether/community-updates
Instructure, the third‑party provider that delivers Quercus (Canvas), continues to address an ongoing cybersecurity incident. The University of Toronto is beginning a phased restoration of access to Quercus starting this evening, with availability increasing gradually over the next 48 hours.
During this period, some users may regain access earlier than others, and certain features may be limited or unavailable. We expect full functionality to return next week, pending continued validation of the platform’s security.
If you encounter issues with Quercus:
Students: Please contact your instructor
Instructors: Please contact your chair or designated academic lead
Staff: Please contact your supervisor
Due to the upcoming holiday weekend and University closure on Friday, May 15, response times may be delayed. Normal support levels will resume when the University reopens on Tuesday, May 19.
There remains no evidence that other University of Toronto systems or assets have been compromised.
Users are reminded to follow security best practices, including:
Using strong, unique passwords
Enabling multi‑factor authentication (MFA) where available
Remaining vigilant for phishing—the University will never ask you to bypass MFA or provide MFA codes
Thank you for your patience as we continue to safely restore Quercus services. Further updates will be provided as information becomes available.
Please continue to monitor UTogether for updates:
https://www.utoronto.ca/utogether/community-updates
Monitoring
Quercus – Limited Access Enabled for Outstanding Winter Marks
Update – May 11, 2026 – 18:00 EDT
Instructure, the third‑party provider that delivers Quercus (Canvas), continues to address an ongoing cybersecurity incident. As a precaution, general access to Quercus remains suspended.
To support the timely completion of Winter Session marks and pending graduations, limited, time‑bound access to Quercus has been enabled for a small group of instructors who have outstanding marks to submit. Eligible instructors are being contacted directly with instructions.
This temporary access is intended only to retrieve information necessary to finalize and submit marks. Use of other Quercus functionality is not recommended. While there is no evidence that accessing Quercus during this period poses a risk to individual computers, the University is still seeking independent confirmation that the environment is fully clear of persistent threat actor presence before restoring broader access.
There remains no evidence that other University of Toronto systems or assets have been compromised. Access to Quercus through U of T web properties continues to be restricted for the broader community, and users may see the message: “You are not eligible for the service requested.” This behaviour is expected.
Further updates will be provided as more information becomes available. Please continue to monitor UTogether for community updates:
https://www.utoronto.ca/utogether/community-updates
Update – May 11, 2026 – 18:00 EDT
Instructure, the third‑party provider that delivers Quercus (Canvas), continues to address an ongoing cybersecurity incident. As a precaution, general access to Quercus remains suspended.
To support the timely completion of Winter Session marks and pending graduations, limited, time‑bound access to Quercus has been enabled for a small group of instructors who have outstanding marks to submit. Eligible instructors are being contacted directly with instructions.
This temporary access is intended only to retrieve information necessary to finalize and submit marks. Use of other Quercus functionality is not recommended. While there is no evidence that accessing Quercus during this period poses a risk to individual computers, the University is still seeking independent confirmation that the environment is fully clear of persistent threat actor presence before restoring broader access.
There remains no evidence that other University of Toronto systems or assets have been compromised. Access to Quercus through U of T web properties continues to be restricted for the broader community, and users may see the message: “You are not eligible for the service requested.” This behaviour is expected.
Further updates will be provided as more information becomes available. Please continue to monitor UTogether for community updates:
https://www.utoronto.ca/utogether/community-updates
Identified
Instructure, the third‑party provider that provides Quercus, is currently experiencing an ongoing cybersecurity incident. As a precautionary measure, the University of Toronto has suspended access to Quercus until further notice.
Some users may still be able to access Quercus. Use of the service is not recommended at this time.
There is currently no evidence to suggest that other University of Toronto systems or assets have been compromised. As part of our response, the University of Toronto has removed access to Quercus through U of T web properties. Users attempting to log in may see the message: “The application you have accessed is not registered for use with this service.” This behaviour is expected.
Thank you for your patience as we continue to manage this ongoing security incident. Further updates will be provided as information becomes available. Please see UTogether: https://www.utoronto.ca/utogether/community-updates
Some users may still be able to access Quercus. Use of the service is not recommended at this time.
There is currently no evidence to suggest that other University of Toronto systems or assets have been compromised. As part of our response, the University of Toronto has removed access to Quercus through U of T web properties. Users attempting to log in may see the message: “The application you have accessed is not registered for use with this service.” This behaviour is expected.
Thank you for your patience as we continue to manage this ongoing security incident. Further updates will be provided as information becomes available. Please see UTogether: https://www.utoronto.ca/utogether/community-updates
Investigating
We are aware of an issue currently impacting access to Quercus. We are in contact with the vendor in pursuit of a resolution on an urgent basis. Please also see: https://www.utoronto.ca/utogether/community-updates.
Thank you for your patience.
Thank you for your patience.
This incident affected: Academic ToolBox (Quercus).