Tilburg University affected by Canvas data leak
Tilburg University confirmed that data of its students and staff were affected by the security incident at Instructure, the developer of the Canvas learning platform. The incident was reported on May 4, with Tilburg University providing an update on May 6, 2026.
Signal context
First seen: May 6, 2026
Last updated: Jul 3, 2026
Status: Public signal
Key points
- Data of Tilburg University students and staff affected by the Canvas data leak.
- The security incident at Instructure was reported on May 4, 2026.
- Tilburg University confirmed its impact on May 6, 2026.
Signal analysis
BetaThis analysis groups the signal by industry, likely incident action and impacted security area. It helps compare this signal with other published signals without treating the labels as final determinations.
Sector: Information
Likely country: 🇳🇱 Netherlands
inferred from source domains
The feed marks multiple actor roles. Treat this as a review signal rather than a final attribution.
- Source type: outside the affected organization
- Source type: possible insider or internal misuse
Impact area: Confidentiality
- 22 signals in the same sector
- 89 signals with the same likely impact area
- 1 signal linked to this organization/domain
External sources
Cyberaanval op Canvas ontregelt onderwijs bij Nederlandse universiteiten - Tweakershttps://tweakers.net/nieuws/236000/cyberaanval-op-canvas-ontregelt-onderwijs-bij-nederlandse-universiteiten.htmlPublic source from tweakers.net.
Gegevens studenten Tilburg University gelekt bij grote cyberaanval op Canvashttps://www.omroeptilburg.nl/regio/tilburg/gegevens-studenten-tilburg-university-gelekt-bij-grote-cyberaanval-op-canvas/Public source from omroeptilburg.nl.
Vrije Universiteit koppelt systemen los na Canvas-hack - Techzine.nlhttps://www.techzine.nl/nieuws/security/578015/vrije-universiteit-koppelt-systemen-los-na-canvas-hack/Public source from techzine.nl.
Studenten zeven Nederlandse universiteiten getroffen door Canvas-datalek - Security.NLhttps://www.security.nl/posting/935599/Studenten+zeven+Nederlandse+universiteiten+getroffen+door+Canvas-datalekPublic source from security.nl.
Datalek bij ontwikkelaar Canvas treft ook Tilburg Universityhttps://www.tilburguniversity.edu/nl/actueel/nieuws/meer-nieuws/datalek-bij-canvasPublic source from tilburguniversity.edu.
Nieuws gerelateerd aan 'CYBERAANVAL' - Omroep Brabanthttps://www.omroepbrabant.nl/tag/CYBERAANVALPublic source from omroepbrabant.nl.
Related signals
Grouped by why the signal is relevant.
Kee Wah Bakery Hit by Ransomware Attack, Data Leak Fears Emerge
Hong Kong's famous Kee Wah Bakery revealed on June 22, 2026, that it was hit by a ransomware attack on its internal network. The incident, which caused network malfunctions last Friday (June 19), targeted systems containing employees' personal data, as well as information related to business partners, online store customers, and mobile app members. While the company could not confirm if data was extracted, it has engaged cybersecurity experts, notified the Office of the Privacy Commissioner for Personal Data and police on Sunday (June 21), and is contacting affected parties as a precautionary measure. No customer payment or credit card information was involved.
French Government Platform Jeveuxaider.gouv.fr Suffers Data Leak Affecting 550,000 Accounts
On June 16, 2026, the French government announced that its volunteering platform, Jeveuxaider.gouv.fr, had been a victim of a personal data leak affecting approximately 550,000 accounts.
Dutch hospitals restore digital access after cyberattack on ChipSoft
On June 12, 2026, reports indicated that Dutch hospitals were restoring digital access following a cyberattack on ChipSoft, a major healthcare software provider. The attack had previously caused patient files to become inaccessible at multiple locations, leading fifteen hospitals to preventively block all electronic patient information. This measure forced doctors to revert to paper records and oral transfers. While the incident was not a data leak in the traditional sense, it was a significant attack on the health infrastructure of the Netherlands, carried out through a single supplier serving numerous hospitals.
South Korea Disputes US Report on Coupang Data Leak Investigation
The South Korean government, on July 3, 2026, disputed a U.S. House Judiciary Committee report claiming discrimination against Coupang, a U.S.-listed e-commerce giant, over a personal data leak incident. The Blue House stated that investigations into Coupang are non-discriminatory and follow domestic legal procedures. The incident, which occurred in 2025, involved a former Chinese employee leaking personal information of over 33 million (or 37 million) South Korean customers.
CTIVD: AIVD en MIVD verwerken persoonsgegevens in bulkdata onrechtmatig
The Dutch intelligence services, AIVD and MIVD, have unlawfully processed personal data in bulk datasets, according to a ruling by the Committee for the Supervision of the Intelligence and Security Services (CTIVD). The report, published on July 1, 2026, states that groups of employees had unauthorized access to personal data, and large quantities of data were stored for too long. The bulk datasets, sometimes containing millions of records, include names, phone numbers, location data, social media data, and communication content, sourced from government agencies, commercially available datasets, or stolen datasets offered by criminals. The CTIVD has issued thirteen recommendations to improve the situation.
eogb.co.uk Hit by Stormous Ransomware Group
eogb.co.uk, a UK-based organization, was claimed as a victim by the Stormous ransomware group. The incident was discovered on June 28, 2026, at 21:29 UTC, with deep access to Microsoft Dynamics GP, internal legal documents, partnership agreements, customer contracts, operational spreadsheets, financial reports, and executive documents.
