SINGAPORE, May 10 — The National University of Singapore (NUS) and Singapore Institute of Management (SIM) have asked staff, students and alumni to reset their passwords as a precaution following a global data breach affecting the Canvas learning platform.
In an email sent on May 10 and seen by The Straits Times, NUS said staff and students who had previously logged in to Canvas should reset their NUS passwords.
According to the report, affected users will be prompted to do so when they next access NUS IT services, including email, VPN and other systems requiring NUS authentication.
As it continues to monitor the situation, NUS said Canvas has been placed under controlled access, with only selected users granted access for critical academic or operational needs.
The measure will be in place from May 11 to 14, after which the university will review whether an extension is necessary.
“These steps are intended to mitigate the risk of unauthorised access during this period of increased vigilance,” NUS said in a statement.
Separately, SIM sent an email to its alumni on May 9 advising them to change their passwords on SIM platforms.
It also urged users to update passwords on other accounts where the same credentials are reused, and to remain vigilant against phishing attempts.
The Straits Times reported that SIM warned users to check login pages carefully before entering credentials and to watch for unusual activity such as unexpected pop-ups or prompts for unfamiliar information.
The institutions were among several local and international education providers affected by a major cyberattack on May 7, claimed by the cyberextortion group ShinyHunters, which led to temporary blocking of access to Canvas.
Other institutions reportedly affected include the Singapore College of Insurance, Institute of Singapore Chartered Accountants, NTUC LearningHub, The Learning Lab, KLC International Institute and The Learning Space SG.
