Security built on responsibility, openness, and trust.
At Entry Point North, we empower the people who safeguard our skies — and that includes safeguarding the systems and data that support their work.
We take information security, privacy, and operational stability seriously, and we see them as part of our responsibility to our students, customers, and partners.
This page gives you insight into how we work with security and trust: our principles, certifications, and the measures we take to protect information and ensure reliable operations — today and as we continue to improve for tomorrow.
Updates
2026-05-05 – Information regarding security incident connected to Canvas
This is to inform you of a security incident involving a third‑party learning management system (LMS) provider, Instructure, that we use to deliver parts of our services.
Instructure is the provider of the LMS platform Canvas and the impacted platforms are Canvas/Catalog.
What has happened
The LMS provider, Instructure Inc., has notified us of a security incident within their environment. Upon being informed, we immediately engaged with the provider to understand the scope of the incident, assess any potential impact on our customers, and ensure that appropriate containment and remediation measures were taken.
What data has been exposed
Based on the information currently available, the incident has resulted in unauthorized access to certain data stored within the LMS platform. The types of data affected include name and email (used to log into Canvas/Catalog) as well as conversations that have taken place inside the platform. There is currently no indication that any other information has been exposed.
What is EPN doing
While the incident did not originate within our own IT environment, protecting the confidentiality, integrity, and availability of our customers’ data remains a responsibility we take very seriously. We are working closely with the provider, have requested detailed assurances regarding corrective actions, and are reviewing our third‑party risk and oversight measures as a result of this incident. We have taken risk mitigating measures and have updated admin passwords and rotated API keys.
All active and historic data subjects will be informed via email or inside Canvas.
—
As a precaution, we recommend that you remain alert to any unusual or unexpected communications and follow security best practices.
We are committed to transparency and will continue to share relevant updates as we receive further confirmed information from the provider.
If you have any questions or would like further information, please contact us.