Council Rock SD secures a $23,500 PCCD grant for penetration testing; Canvas incident under review
June 12, 2026 | Council Rock SD, School Districts, Pennsylvania
This article was created by AI summarizing key points discussed. AI makes mistakes, so for full details and context, please refer to the video of the full meeting. Please report any errors so we can fix them. Report an error »
The board heard two linked IT items: a proposed one‑year, $23,500 contract with Telecom Inc. for network penetration testing (paid for by a Pennsylvania Commission on Crime and Delinquency grant) and an update on a recent Instructure/Canvas incident being investigated by multiple districts.
The Business Administrator explained the Telecom Inc. contract would be paid fully by the PCCD grant and described the work as a deeper step in the district’s cybersecurity program. IT staff (Joe) said the district would evaluate continuing the service if further funding or internal budget capacity becomes available.
On Canvas, IT staff said the vendor reported a breach mechanism that used a free teacher resource; district staff said they have not been notified that any Council Rock data were specifically accessed. “We still to this date do not have a notice of any specific data that was accessed that is Council Rock data,” Joe said. He explained Canvas stores course information, student IDs and email addresses and messaging fields, while primary personally identifiable information (PII) is maintained in the district’s student information system.
The district shut down integrations between Canvas and the SIS as a precaution, which caused temporary workflow issues for teachers and required manual accommodations for assignments and testing. Board members sought clarification on the type of data in Canvas, the independence of Canvas from personnel systems and the district’s plan for continuing BoardDocs while PSBA moves to a new platform.
The Telecom Inc. penetration test and the Canvas briefing will move forward as the administration continues coordination with the grantor and the vendor; no board votes were recorded in the session.
The Business Administrator explained the Telecom Inc. contract would be paid fully by the PCCD grant and described the work as a deeper step in the district’s cybersecurity program. IT staff (Joe) said the district would evaluate continuing the service if further funding or internal budget capacity becomes available.
On Canvas, IT staff said the vendor reported a breach mechanism that used a free teacher resource; district staff said they have not been notified that any Council Rock data were specifically accessed. “We still to this date do not have a notice of any specific data that was accessed that is Council Rock data,” Joe said. He explained Canvas stores course information, student IDs and email addresses and messaging fields, while primary personally identifiable information (PII) is maintained in the district’s student information system.
The district shut down integrations between Canvas and the SIS as a precaution, which caused temporary workflow issues for teachers and required manual accommodations for assignments and testing. Board members sought clarification on the type of data in Canvas, the independence of Canvas from personnel systems and the district’s plan for continuing BoardDocs while PSBA moves to a new platform.
The Telecom Inc. penetration test and the Canvas briefing will move forward as the administration continues coordination with the grantor and the vendor; no board votes were recorded in the session.
Don't Miss a Word: See the Full Meeting!
Go beyond summaries. Unlock every video, transcript, and key insight with a Founder Membership.
✓
Get instant access to full meeting videos
✓
Search and clip any phrase from complete transcripts
✓
Receive AI-powered summaries & custom alerts
✓
Enjoy lifetime, unrestricted access to government data
30-day money-back guarantee
