Dartmouth College A.I CyberSecurity Scoring
Dartmouth College
Company Information
Website:http://home.dartmouth.edu
Employees number:6,372
Number of followers:131,699
NAICS:6113
Industry Type:Higher Education
Homepage:dartmouth.edu
Dartmouth College Risk Score (AI oriented)
Between 0 and 549
Dartmouth CollegeHigher Education
Updated:
29/03/2026
29/03/2026
405/1000
Critical
C
Dartmouth College Global Score (TPRM)
xxxx
Dartmouth CollegeHigher Education
Score locked

Dartmouth CollegeCritical
Current Score
405C (CRITICAL)
01000
4 incidents
-107.75 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
434
JUNE 2026
428
MAY 2026
420
APRIL 2026
414
MARCH 2026
398
FEBRUARY 2026
396
JANUARY 2026
437
Breach
07 Jan 2026 • Dartmouth College
Dartmouth College, Harvard University, Princeton University, Columbia University and Clemson University: Why Cyberattacks in Higher Ed Keep Proliferating
Multiple University Data Breaches Due to Social Engineering Attacks
381
CRITICAL-56
DARHARPRICOLCLE1767881845
Higher Education Under Siege: A Wave of Cyberattacks Exposes Systemic Vulnerabilities
In the first half of 2025, a surge of cyberattacks has targeted major U.S. universities, exposing critical weaknesses in higher education’s cybersecurity defenses. The University of Pennsylvania, Harvard University, and Princeton University all reported breaches within the past two months, following earlier incidents at Columbia University, Dartmouth College, and New York University. Each institution confirmed the attacks stemmed from social engineering, with Harvard and Princeton specifically citing phone-based phishing as the entry point.
Officials at the affected schools stated they acted swiftly to contain the breaches and are reinforcing security measures. However, experts warn that universities face an uphill battle. Mike Corn, a former chief information security officer in higher education and current consultant at Vantage Technology, noted that colleges operate like "small cities," with decentralized networks, personal devices, and diverse user behaviors creating countless vulnerabilities. Even robust investments in cybersecurity, he argued, cannot guarantee immunity from attacks—especially as AI-driven threats grow more sophisticated.
The challenges extend beyond technology. Brian Nichols, CIO at the University of Kentucky, highlighted that while phishing simulations and training have improved awareness, they are not foolproof. Anita Nikolich, director of research and technology innovation at the University of Illinois at Urbana-Champaign, warned that punitive security measures can backfire, alienating faculty who may resist protocols perceived as restrictive. A core tension lies in academic freedom versus centralized IT control: many universities allow individual departments—such as medical or business schools—to maintain separate IT teams, increasing risk. Nikolich, who previously led IT infrastructure at the University of Chicago, described this fragmentation as a "huge risk factor," as decentralized systems complicate consistent security enforcement.
Faculty resistance further complicates the issue. Janice Lanham, a nursing lecturer at Clemson University, nearly fell victim to a phishing scam but caught the deception in time. Yet, as Brian Voss, Clemson’s CIO, observed, some professors view security protocols as obstacles to research and teaching. Voss described a "culture of subservience" in higher-ed IT, where departments prioritize faculty demands over security, often retaining excessive data—including sensitive information like Social Security numbers—despite the risks. His efforts to reduce data storage have met resistance, with one university even retaining personal data for voter registration purposes, creating what he called "piles of gold for bad guys."
The conflict between research needs and security is particularly acute. Nikolich, who also conducts quantum computing research, faced initial pushback when requesting network data for her work. After demonstrating the data’s non-sensitive nature and potential security benefits, she gained access—but noted that other universities default to blanket denials. When researchers are blocked, she warned, they often bypass official channels, increasing exposure.
The solution, Nikolich suggested, lies in collaboration: IT, security teams, and faculty must treat cybersecurity as a shared priority, balancing innovation with protection. Until then, universities remain prime targets—caught between the demands of open academic environments and the escalating sophistication of cyber threats.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2025
442
Breach
05 Dec 2025 • Dartmouth College
Data breach at Dartmouth College compromises information of 40,000 people
Dartmouth College Data Breach
371
CRITICAL-71
DAR1764958422
HANOVER, N.H. (WCAX) - A data breach at Dartmouth College compromised the personal information of roughly 40,000 people.
Dartmouth said an unknown person targeted Oracle’s eBusiness Suite software the college uses. Past and present students and employees are affected. Varying levels of personal information were potentially stolen.
Dartmouth is in the process of notifying everyone involved. Multiple other colleges and businesses were victims.
“Dartmouth is notifying and offering support to individuals whose data was included in this incident in accordance with applicable law,” said Dartmouth spokesperson Jana Barnello.
She added that the incident was not the result of any phishing attack on a member of the Dartmouth community or any other action or inaction on Dartmouth’s part.
Copyright 2025 WCAX. All rights reserved.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
497
OCTOBER 2025
667
Ransomware
30 Oct 2025 • Dartmouth College
Massive data breach at Dartmouth College exposes Social Security numbers, financial info of 40,000+
Dartmouth College Cybersecurity Breach
490
CRITICAL-177
DAR1764950537
Dartmouth College has confirmed that a cybersecurity breach compromised the personal data of over 40,000 individuals, including nearly 32,000 in New Hampshire and more than 12,000 in Vermont, after hackers exploited a vulnerability in a widely used software system.
The attack, which occurred over a three-day span in early August, targeted the Oracle eBusiness Suite, software used by Dartmouth and other institutions to manage operations.
[RELATED: Dartmouth faculty denounce Trump admin’s higher ed compact as ‘fascist’ and ‘unconstitutional’]
A known ransomware group has claimed responsibility for the breach according to Valley News, which has reportedly affected over 100 organizations.
According to filings with state attorneys general, the compromised data includes names, Social Security numbers, and financial account details.
Dartmouth began notifying victims by mail last week and is offering a year of free identity protection through Experian.
[RELATED: Dartmouth president refuses to join Ivy League push against Trump, pledges institutional neutrality]
Dartmouth says the breach was not caused by phishing or internal user error. After Oracle disclosed the issue in October, the college launched an investigation and confirmed on Oct. 30 that sensitive data had been accessed. Officials said time was needed to review affected files and identify impacted individuals.
In response, Dartmouth has implemented all available security patches and set up a hotline for those affect
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2025
665
AUGUST 2025
788
Ransomware
09 Aug 2025 • Dartmouth College
Dartmouth College
Dartmouth College Oracle E-Business Suite Data Breach by Cl0p Ransomware Gang
661
CRITICAL-127
DAR1335913112725
Dartmouth College suffered a major cybersecurity breach after the Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61884) in its Oracle E-Business Suite (EBS) system. The attackers gained unauthorized access between August 9–12, 2025, exfiltrating 226GB of sensitive data, including Social Security numbers (SSNs), bank account details (with routing numbers), personal names, and other PII of at least 1,494 individuals (primarily Maine residents), though the total impact is likely far larger. Despite Oracle releasing patches in October 2025, Dartmouth’s forensic investigation confirmed the breach only on October 30, 2025, with Cl0p later leaking the stolen data on its dark web site in November 2025. The incident highlights the gang’s targeted campaign against higher education institutions via unpatched EBS vulnerabilities, exposing victims to identity theft, financial fraud, and long-term reputational harm. The breach underscores critical failures in patch management, access controls, and incident response within the college’s ERP infrastructure.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Dartmouth College ??
What was Dartmouth College's A.I Rankiteo Cyber Score in June 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in May 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in April 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in March 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in February 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in January 2026 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in December 2025 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in November 2025 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in October 2025 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in September 2025 ??
What was Dartmouth College's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Dartmouth College's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Dartmouth College ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Dartmouth College's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?