Dartmouth College
Company Details
Linkedin ID:
dartmouth-college
Website:
Employees number:
6,301
Number of followers:
130,595
NAICS:
6113
Industry Type:
Homepage:
dartmouth.edu
IP Addresses:
26
Company ID:
DAR_1748810
Scan Status:
Completed
Dartmouth College Company CyberSecurity Posture
dartmouth.edu
Dartmouth educates the most promising students and prepares them for a lifetime of learning and of responsible leadership, through a faculty dedicated to teaching and the creation of knowledge.
Dartmouth College A.I CyberSecurity Scoring
Dartmouth College Risk Score (AI oriented)Between 0 and 549
Dartmouth College
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Dartmouth College Global Score (TPRM)XXXX
Dartmouth College
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Dartmouth College Company CyberSecurity News & History
Past Incidents
5
Attack Types
3
Dartmouth College
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Dartmouth College experienced a **data breach** between **August 9–12, 2025**, after cybercriminals exploited vulnerabilities in its inadequately secured network. The breach resulted in unauthorized access to sensitive personal information of **tens of thousands of individuals**, including **names, Social Security numbers, financial account details, and credit/debit card information**. The compromised data poses severe risks, such as **identity theft, financial fraud, and potential sale on the dark web**. A forensic investigation confirmed the breach, and Murphy Law Firm is now pursuing a **class action lawsuit** on behalf of affected individuals to recover damages. The exposure of such highly sensitive data undermines trust in the institution and leaves victims vulnerable to long-term exploitation by cybercriminals. The breach highlights critical failures in Dartmouth’s cybersecurity measures, raising concerns over its ability to protect personal and financial data from future attacks. Legal action is being evaluated to hold the institution accountable for negligence in safeguarding confidential information.
Dartmouth College
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Dartmouth College fell victim to a cyberattack targeting a zero-day vulnerability in Oracle E-Business Suite (EBS) software, exploited by the Russian cybercriminal group **Clop**. The breach occurred between **August 9–12, 2025**, resulting in the theft of sensitive personal and financial data belonging to **over 35,000 individuals** across multiple U.S. states, including **31,000 in New Hampshire alone**. Compromised information included **Social Security numbers, financial account details, and names**, exposing victims to risks like identity theft and fraud. Dartmouth notified regulators in Maine, California, Texas, and New Hampshire, offering affected individuals **one year of credit monitoring**. The attack was part of a broader campaign exploiting the same Oracle EBS flaw, impacting other high-profile organizations like **Cox Enterprises, Canon (U.S. subsidiary), Envoy Air, the Washington Post, and Harvard University**. Dartmouth applied Oracle’s security patch post-breach and involved law enforcement. The incident underscores the severe consequences of third-party software vulnerabilities in critical institutional systems, with long-term reputational and financial repercussions for the college and its stakeholders.
Dartmouth College
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Dartmouth College, an Ivy League research university, suffered a data breach in August 2025 after hackers exploited a zero-day vulnerability in its Oracle E-Business Suite software. The breach, attributed to the Clop (Cl0p) ransomware gang, compromised sensitive personal and financial data—including names, Social Security numbers, and financial account information—of over **35,000 individuals**, primarily affecting residents of New Hampshire (31,742 victims). While Dartmouth has not confirmed whether a ransom was paid, Clop publicly claimed responsibility on its leak site in November 2025, aligning with its pattern of data extortion rather than encryption. The attack targeted a widely used enterprise system, leveraging the same Oracle vulnerability exploited in prior breaches at institutions like Harvard, Canon, and Mazda. Dartmouth offered affected individuals free identity theft protection via Experian, acknowledging the severe risk of fraud and identity theft. The incident marks one of the largest ransomware attacks on a U.S. educational institution in 2025, underscoring vulnerabilities in higher education cybersecurity and the escalating threat posed by ransomware groups exploiting zero-day flaws.
Dartmouth College
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Dartmouth College suffered a major cybersecurity breach after the **Cl0p ransomware gang** exploited a **zero-day vulnerability (CVE-2025-61884)** in its **Oracle E-Business Suite (EBS)** system. The attackers gained unauthorized access between **August 9–12, 2025**, exfiltrating **226GB of sensitive data**, including **Social Security numbers (SSNs), bank account details (with routing numbers), personal names, and other PII** of at least **1,494 individuals** (primarily Maine residents), though the total impact is likely far larger. Despite Oracle releasing patches in **October 2025**, Dartmouth’s forensic investigation confirmed the breach only on **October 30, 2025**, with Cl0p later **leaking the stolen data** on its dark web site in **November 2025**. The incident highlights the gang’s targeted campaign against **higher education institutions** via unpatched EBS vulnerabilities, exposing victims to **identity theft, financial fraud, and long-term reputational harm**. The breach underscores critical failures in **patch management, access controls, and incident response** within the college’s ERP infrastructure.
The John Sloan Dickey Center for International Understanding at Dartmouth: Dartmouth College data breach exposes personal information of 40,000
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: This story was originally produced by the Valley News. NHPR is republishing it in partnership with the Granite State News Collaborative. More than 40,000 people in New Hampshire and Vermont may have been impacted by a data breach in a system used by Dartmouth College. Last week, Dartmouth started mailing letters to the people whose personal information was included in data stolen over three days in early August. During that time, an “unauthorized actor” was able to access Dartmouth College files and take data, including “one or more” files that had personal information such as names, Social Security numbers and financial account information, according to reports Dartmouth filed with the offices of the attorneys general of New Hampshire and Vermont last week. The breach was part of a widespread attack on the Oracle eBusiness Suite, a platform Dartmouth and many other companies use to manage operations. A ransomware group has been taking credit for the attack and it has identified more than 100 companies impacted by the breach, according to reporting from SecurityWeek. “This incident was not the result of any ‘phishing’ attack on a member of the Dartmouth community or any other action or inaction on Dartmouth’s part,” college spokesperson Jana Barnello said. After Oracle reported the security breach in early October, Dartmouth launched an investigation “as quickly as possible” to identify the impacted data and respond, Barnello said Monday. It “took time” to review all o
Dartmouth College Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Dartmouth College
Incidents vs Higher Education Industry Average (This Year)
Dartmouth College has 471.43% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Dartmouth College has 525.0% more incidents than the average of all companies with at least one recorded incident.
Incident Types Dartmouth College vs Higher Education Industry Avg (This Year)
Dartmouth College reported 4 incidents this year: 1 cyber attacks, 2 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — Dartmouth College (X = Date, Y = Severity)
Dartmouth College cyber incidents detection timeline including parent company and subsidiaries
Dartmouth College Company Subsidiaries
Dartmouth educates the most promising students and prepares them for a lifetime of learning and of responsible leadership, through a faculty dedicated to teaching and the creation of knowledge.
Loading...
Dartmouth College Similar Companies
University of Alberta
The University of Alberta is one of Canada’s top teaching and research universities, with an international reputation for excellence across the humanities, sciences, creative arts, business, engineering, and health sciences. Home to more than 39,000 students and 15,000 faculty and staff, the univers
University of Cincinnati
The University of Cincinnati, top 5 university for co-op, offers students a balance of educational excellence and real-world experience. Since its founding in 1819, UC has been the source of many discoveries creating positive change for society, including the first antihistamine, the first co-op edu
Washington University in St. Louis
Washington University in St. Louis, a medium-sized, independent university, is dedicated to challenging its faculty and students alike to seek new knowledge and greater understanding of an ever-changing, multicultural world. The university has played an integral role in the history and continuing gr
University of Iowa
From the health sciences to the arts, our aim is to provide a diverse and technologically advanced community where all can work together to achieve excellence. On our beautiful campus spanning the Iowa River, our faculty and staff enjoy access to an array of cultural, educational, and recreational a
University of California, Davis
UC Davis was founded in 1908 to serve the state of California. We do and we always will. Today, that seed planted years ago has grown into one of the world’s top universities. UC Davis has a community of faculty and staff who are leading the way in teaching, research, public service and patient car
University of Minnesota
One of the nation’s largest schools, the University of Minnesota offers baccalaureate, master’s, and doctoral degrees in virtually every field—from medicine to business, law to liberal arts, and science and engineering to architecture. The University of Minnesota system is made up of five campuses
Université de Montréal
Université de Montréal and its two affiliated schools, Polytechnique Montréal and HEC Montréal, is Quebec's biggest university complex and one of the largest in North America. Its 450,000 graduates make their presence felt around the globe and in every sphere of activity. Since 2018, UdeM has consis
RMIT University
RMIT is a global university of technology, design and enterprise. One of Australia's original tertiary institutions, RMIT University enjoys an international reputation for excellence in professional and vocational education, applied research, and engagement with the needs of industry and the commun
Colorado State University
At Colorado State, there’s this energy we all share—this undeniable excitement for what’s next. And it’s a feeling you can only find here. As you choose a college, one of the biggest questions most students have is what to study. At Colorado State, we offer over 250 programs, over 50 minors, and se
.png)
Dartmouth College CyberSecurity News
November 26, 2025 08:41 PM
At least 35,000 impacted by Dartmouth College breach through Oracle EBS campaign
More than 35000 people across multiple states had information stolen by hackers who attacked Dartmouth College during a campaign against a...
November 26, 2025 01:16 PM
College confirms data breach after Clop extortion attack
Dartmouth College confirms a major data breach after Clop hackers exploited an Oracle zero-day flaw, stealing Social Security and financial...
November 26, 2025 08:09 AM
Dartmouth College Confirms Data Theft in Oracle Hack
Dartmouth College confirmed suffering a data breach after cybercriminals targeted its Oracle E-Business Suite (EBS) instance.
November 12, 2025 08:00 AM
UK's Cyber Security and Resilience Bill makes Parliamentary debut
UK government introduced the Cyber Security and Resilience (CSR) Bill to Parliament today, marking a significant overhaul of local...
November 03, 2025 08:00 AM
US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the...
October 09, 2025 07:00 AM
Two UMassD PhD alumni begin tenure-track faculty positions at top institutions this fall
This fall, two recent UMass Dartmouth PhD graduates are starting the next chapter of their academic journeys as tenure-track faculty at...
September 04, 2025 07:05 PM
Important Dates for Graduate Admissions
UMass Dartmouth makes admissions decisions for graduate students on a rolling basis. Programs may close once they reach capacity.
July 23, 2025 07:00 AM
Mindgard appoints industry veterans to lead AI security expansion
Mindgard appoints cybersecurity veteran Aaron Portnoy and SaaS leader Tom Axbey to spearhead its AI security expansion and offensive testing...
July 19, 2025 07:00 AM
AI Therapy: Dartmouth Study Reveals Promising Results & Future Outlook
A groundbreaking study from Dartmouth College offers compelling evidence for the effectiveness of AI-powered chatbots in mental health...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Dartmouth College CyberSecurity History Information
Official Website of Dartmouth College
The official website of Dartmouth College is http://home.dartmouth.edu.
Dartmouth College’s AI-Generated Cybersecurity Score
According to Rankiteo, Dartmouth College’s AI-generated cybersecurity score is 425, reflecting their Critical security posture.
How many security badges does Dartmouth College’ have ?
According to Rankiteo, Dartmouth College currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Dartmouth College have SOC 2 Type 1 certification ?
According to Rankiteo, Dartmouth College is not certified under SOC 2 Type 1.
Does Dartmouth College have SOC 2 Type 2 certification ?
According to Rankiteo, Dartmouth College does not hold a SOC 2 Type 2 certification.
Does Dartmouth College comply with GDPR ?
According to Rankiteo, Dartmouth College is not listed as GDPR compliant.
Does Dartmouth College have PCI DSS certification ?
According to Rankiteo, Dartmouth College does not currently maintain PCI DSS compliance.
Does Dartmouth College comply with HIPAA ?
According to Rankiteo, Dartmouth College is not compliant with HIPAA regulations.
Does Dartmouth College have ISO 27001 certification ?
According to Rankiteo,Dartmouth College is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Dartmouth College
Dartmouth College operates primarily in the Higher Education industry.
Number of Employees at Dartmouth College
Dartmouth College employs approximately 6,301 people worldwide.
Subsidiaries Owned by Dartmouth College
Dartmouth College presently has no subsidiaries across any sectors.
Dartmouth College’s LinkedIn Followers
Dartmouth College’s official LinkedIn profile has approximately 130,595 followers.
NAICS Classification of Dartmouth College
Dartmouth College is classified under the NAICS code 6113, which corresponds to Colleges, Universities, and Professional Schools.
Dartmouth College’s Presence on Crunchbase
No, Dartmouth College does not have a profile on Crunchbase.
Dartmouth College’s Presence on LinkedIn
Yes, Dartmouth College maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/dartmouth-college.
Cybersecurity Incidents Involving Dartmouth College
As of December 03, 2025, Rankiteo reports that Dartmouth College has experienced 5 cybersecurity incidents.
Number of Peer and Competitor Companies
Dartmouth College has an estimated 14,329 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Dartmouth College ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
Risk Information
cvss3
Base: 4.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.
Risk Information
cvss3
Base: 8.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=dartmouth-college' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
