Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Clackamas Community College

Clackamas Community College Vendor Cyber Rating & Cyber Score

clackamas.edu

Students at all stages of their life and careers find the programs and classes they need at Clackamas Community College. Whether you’re starting your four-year degree or beginning a new chapter in your working life, we’ve got what you need. CCC offers a variety of transfer degrees and more than 80 career and technical programs that range from short-term training to two-year associate degrees. We can also help you complete your high school diploma or GED. And if you’re looking for classes for personal enrichment, CCC also offers many community education classes. I am Clackamas.


CCC A.I CyberSecurity Scoring

CCC
Company Information
Website:http://clackamas.edu
Employees number:901
Number of followers:22,961
NAICS:6113
Industry Type:Higher Education
Homepage:clackamas.edu
CCC Risk Score (AI oriented)
Between 0 and 549
logo
CCCHigher Education
Updated:
09/03/2026
354/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CCC Global Score (TPRM)
xxxx
logo
CCCHigher Education
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CCC
CCCCritical
Current Score
354C (CRITICAL)
01000
5 incidents
-89.6 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
385Before Incident
JUNE 2026
380Before Incident
MAY 2026
370Before Incident
APRIL 2026
365Before Incident
MARCH 2026
354Before Incident
FEBRUARY 2026
352Before Incident
JANUARY 2026
419Before Incident
Breach
12 Jan 2026CCC
Clackamas Community College: Clackamas Community College Data Breach Claims Investigated by Lynch Carpenter

Clackamas Community College Data Breach

340After Incident
CRITICAL-79
CLA1768259339
Clackamas Community College Data Breach Exposes Sensitive Information of 33,000 Individuals On January 12, 2026, Clackamas Community College in Oregon disclosed a cybersecurity incident that compromised the personal data of approximately 33,000 individuals. An unauthorized actor accessed the college’s network, potentially acquiring records containing highly sensitive personally identifiable information (PII). The exposed data includes names combined with: - Dates of birth - Social Security numbers - Student records - Government and tax identification numbers - Medical information - Passport numbers - Financial account details The breach is under investigation by Lynch Carpenter LLP, a national class action law firm, which is reviewing potential legal claims on behalf of affected individuals. Clackamas Community College has not yet provided further details on the timeline of the breach or the methods used by the attacker. The incident highlights the growing risk of large-scale data exposures in educational institutions, where sensitive records are frequently targeted. Affected individuals may face heightened risks of identity theft and financial fraud due to the breadth of compromised information.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personally identifiable information (PII) including names, dates of birth, Social Security numbers, student record information, government identification numbers, tax identification numbers, medical information, passport numbers, and financial account informationIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Personally Identifiable Information (PII)Medical InformationFinancial Account InformationNumber Of Records Exposed: 33,000Sensitivity Of Data: HighNamesDates of BirthSocial Security NumbersGovernment Identification NumbersTax Identification NumbersPassport Numbers
DECEMBER 2025
493Before Incident
Breach
18 Dec 2025CCC
Clackamas Community College: Clackamas College Data Breach Affects 33,381 Individuals

Clackamas Community College Data Breach

414After Incident
CRITICAL-79
CLA1768252531
Clackamas Community College Data Breach Exposes Sensitive Information of 33,381 Individuals On December 18, 2025, Clackamas Community College (CCC) disclosed a data breach affecting 33,381 individuals across the U.S. The incident stemmed from unauthorized access to a limited number of the college’s systems, with an unknown third party exfiltrating files on October 24, 2025. Suspicious activity was first detected on September 10, 2025, when unusual behavior was identified on a user account, prompting an immediate reset. Further investigation revealed additional unauthorized access, leading CCC to engage a forensic security firm to contain the threat and assess the scope of the breach. The exposed data includes highly sensitive information such as names, dates of birth, Social Security numbers, student records, government and tax identification numbers, medical details, passport numbers, and financial account information. The breach was reported to state authorities, including the Maine Attorney General, Massachusetts Office of Consumer Affairs and Business Regulation, and Vermont Attorney General. In response, CCC is offering affected individuals a complimentary one-year membership to IDX’s credit monitoring and identity theft protection services. While no evidence of misuse has been found, the college has provided guidance on enrolling in monitoring, placing fraud alerts, and reporting suspicious activity to financial institutions or law enforcement. Detailed instructions are available in the college’s official notice.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Names, dates of birth, Social Security numbers, student record information, government identification numbers, tax identification numbers, medical information, passport numbers, financial account informationSystems Affected: Small number of the college’s systemsIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Type Of Data Compromised: Personal and sensitive informationNumber Of Records Exposed: 33,381Sensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Names, dates of birth, Social Security numbers, student record information, government identification numbers, tax identification numbers, medical information, passport numbers, financial account information
NOVEMBER 2025
490Before Incident
OCTOBER 2025
620Before Incident
Ransomware
29 Oct 2025CCC
Clackamas Community College, Fall River Public Schools and Pell City School System: Clackamas Community College notifies 33,000+ people of data breach that leaked SSNs, student records, and more

Clackamas Community College Ransomware Attack and Data Breach

485After Incident
CRITICAL-135
CLAKLAPEL1767980336
Clackamas Community College Hit by Second Ransomware Attack in Two Years, Exposing 33,000 Individuals Clackamas Community College in Oregon has notified 33,381 individuals of a data breach discovered in October 2025, marking its second ransomware attack in two years. The compromised data includes names, Social Security numbers, student records, government and tax ID numbers, medical information, passport numbers, and financial account details. The ransomware group Medusa claimed responsibility for the attack on October 29, 2025, demanding a $300,000 ransom for 1.2 terabytes of stolen data. The gang posted sample documents as proof of the breach, though Clackamas has not verified the claim. It remains unclear whether the college paid the ransom or how the attackers gained access. According to Clackamas’ notice, suspicious activity was first detected on September 10, 2025, prompting an account reset. A second incident on October 24, 2025, led to a forensic investigation, which confirmed unauthorized access and data exfiltration on the same day. The college is offering affected individuals one year of free credit monitoring and identity theft protection through IDX. Medusa, a ransomware-as-a-service (RaaS) operation active since 2019, has been linked to 154 attacks in 2025 alone, with 32 publicly acknowledged by victims. The group’s average ransom demand is $529,000, and it has targeted multiple U.S. schools this year, including Laurens County School District 56 (SC), Fall River Public Schools (MA), and Franklin Pierce Schools (WA). Clackamas’ previous breach in January 2024, which exposed 8,797 individuals, was attributed to the LockBit ransomware group. Across the U.S., 49 confirmed ransomware attacks on educational institutions in 2025 have compromised over 3.8 million records, disrupting operations such as attendance tracking, grading, communications, and payroll. Some schools, including Oakland Community School District 5 (IL) and Pell City School System (AL), have refused to pay ransoms, risking prolonged downtime and data loss. Clackamas Community College serves approximately 20,000 students across its three Oregon campuses.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain
IMPACT
Data Compromised: 33,381 recordsSystems Affected: Small number of systemsOperational Impact: Containment efforts to prevent widespread operational impactIdentity Theft Risk: High (due to exposure of SSNs, passport numbers, financial account info, etc.)Payment Information Risk: High (financial account info compromised)
DATA BREACH
NamesSocial Security numbersStudent recordsGovernment ID numbersTax ID numbersMedical infoPassport numbersFinancial account infoNumber Of Records Exposed: 33,381Sensitivity Of Data: High (PII, financial, medical, and government IDs)Data Exfiltration: Yes (1.2 terabytes claimed by Medusa)Data Encryption: Yes (ransomware encryption)Personally Identifiable Information: Yes
OCTOBER 2025
699Before Incident
Breach
24 Oct 2025CCC
Clackamas Community College: Clackamas Community College Data Breach Lawsuit Investigation

Clackamas Community College Data Breach

620After Incident
CRITICAL-79
CLA1768252483
Clackamas Community College Data Breach Exposes Sensitive Information of Over 33,000 Individuals Clackamas Community College, a public two-year institution in Oregon with campuses in Oregon City, Clackamas, and Wilsonville, is investigating a data breach that compromised the personal information of 33,381 individuals across the U.S. The breach was first detected on September 10, 2025, when suspicious activity was identified in a user account. Despite resetting the account, further unauthorized access occurred on October 24, 2025, prompting the college to engage a forensic security firm. The investigation confirmed that an unauthorized third party accessed and exfiltrated files containing sensitive data. By December 18, 2025, the college determined that personally identifiable information had been exposed. Affected individuals began receiving written notifications on January 8, 2026, with the breach impacting residents in multiple states, including one in Maine and nine in Massachusetts. Exposed data includes: - Full names - Dates of birth - Social Security numbers - Student records - Government and tax identification numbers - Medical information - Passport numbers - Financial account details In response, Clackamas Community College is offering affected individuals a complimentary one-year membership of credit monitoring and identity theft protection services through IDX. The college has also advised impacted parties to monitor their accounts, place fraud alerts or credit freezes, and report any suspicious activity to authorities. Legal firms, including Shamis & Gentile P.A., are investigating potential compensation claims for those affected. The breach underscores the ongoing risks of unauthorized access to educational institutions’ systems and the far-reaching consequences of exposed personal data.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Sensitive personally identifiable informationIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
NameDate of birthSocial Security numberStudent record informationGovernment identification numberTax identification numberMedical informationPassport numberFinancial account informationNumber Of Records Exposed: 33,381Sensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
OCTOBER 2025
775Before Incident
Breach
10 Oct 2025CCC
Clackamas Community College: Data breach at Clackamas Community College prompts class-action lawsuit

Clackamas Community College Data Breach and Class-Action Lawsuit

699After Incident
CRITICAL-76
CLA1772317459
Clackamas Community College Faces Class-Action Lawsuit Over Data Breach Clackamas Community College is at the center of a class-action lawsuit following a data breach that exposed sensitive student information. The incident was first detected on September 10, 2023, when suspicious activity was identified on a network user account, prompting an immediate reset. However, further unauthorized access was discovered on October 24, leading the college to contain its systems and enlist a forensic security firm to investigate. An investigation later revealed that an unauthorized third party accessed college files in late October 2023, though affected individuals were not notified until January 8, 2024. The breach compromised personal data, including names, dates of birth, tax identification numbers, passport details, financial accounts, and health information. The lawsuit, filed in federal court in Portland, alleges the college failed to adequately protect student data by storing it in an unencrypted, internet-accessible environment. The named plaintiff, Aidan Zahn, reported a surge in spam calls following the breach, which he links to the exposed information. The suit seeks unspecified compensatory and punitive damages, along with a court order for the college to provide at least 10 years of credit monitoring for impacted individuals. At least 100 people are part of the alleged class, with the college’s attorney granted until mid-March 2024 to respond to the allegations. The case is one of three lawsuits filed against the college this year, all assigned to U.S. Magistrate Judge Jolie A. Russo and likely to be consolidated. A spokesperson for the college has not yet commented on the suit.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal data, including names, dates of birth, tax identification numbers, passport details, financial accounts, and health informationCustomer Complaints: Surge in spam calls reported by affected individualsLegal Liabilities: Class-action lawsuit seeking compensatory and punitive damagesIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
NamesDates of birthTax identification numbersPassport detailsFinancial accountsHealth informationSensitivity Of Data: HighData Encryption: No (data stored unencrypted)Personally Identifiable Information: Yes
SEPTEMBER 2025
775Before Incident
AUGUST 2025
775Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CCC ?
?
What was CCC's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CCC's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CCC's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CCC's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CCC's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CCC's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CCC's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CCC ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CCC's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?