HPS
Company Details
Linkedin ID:
highline-public-schools
Website:
Employees number:
1,829
Number of followers:
4,897
NAICS:
6111
Industry Type:
Homepage:
highlineschools.org
IP Addresses:
0
Company ID:
HIG_3383009
Scan Status:
In-progress
Highline Public Schools Company CyberSecurity Posture
highlineschools.org
OUR PROMISE: Every student in Highline Public Schools is known by name, strength, and need, and graduates prepared for the future they choose. Highline Public Schools serves over 19,000 students Kindergarten through Grade 12 in the communities of Burien, Des Moines, Normandy Park, SeaTac, Boulevard Park, and White Center in Washington State. The district has 32 schools, employs over 2,000 staff members, and offers a wide variety of educational opportunities from early childhood to college preparation. We are committed to equity in education, high expectations for all, and partnering with families and the community to ensure that all children achieve their potential.
Highline Public Schools A.I CyberSecurity Scoring
HPS Risk Score (AI oriented)Between 650 and 699
HPS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
HPS Global Score (TPRM)XXXX
HPS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
HPS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Highline Public Schools
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Highline Public Schools, a Washington State K-12 school district, experienced a critical ransomware attack resulting in the theft of sensitive data pertaining to students and faculty. Compromised information included personal identification details, financial data, employment and medical records, as well as student-specific academic information. The breach led to a three-day shutdown of school operations. A subsequent investigation prompted enhanced security measures and the incident was reported to federal law enforcement. Affected individuals received free identity protection and are advised to remain vigilant for possible fraudulent use of their data.
HPS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for HPS
Incidents vs Primary and Secondary Education Industry Average (This Year)
Highline Public Schools has 5.26% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Highline Public Schools has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types HPS vs Primary and Secondary Education Industry Avg (This Year)
Highline Public Schools reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — HPS (X = Date, Y = Severity)
HPS cyber incidents detection timeline including parent company and subsidiaries
HPS Company Subsidiaries
OUR PROMISE: Every student in Highline Public Schools is known by name, strength, and need, and graduates prepared for the future they choose. Highline Public Schools serves over 19,000 students Kindergarten through Grade 12 in the communities of Burien, Des Moines, Normandy Park, SeaTac, Boulevard Park, and White Center in Washington State. The district has 32 schools, employs over 2,000 staff members, and offers a wide variety of educational opportunities from early childhood to college preparation. We are committed to equity in education, high expectations for all, and partnering with families and the community to ensure that all children achieve their potential.
Loading...
HPS Similar Companies
Gwinnett County Public Schools
Gwinnett County Public Schools (GCPS), located in the metro Atlanta area, is the largest school system in Georgia and the 11th largest school district in the country, offering education professionals and support staff endless opportunities to SHINE. GCPS is one of the nation’s top urban school dist
Peel District School Board
The Peel District School Board serves more than 156,000 students in kindergarten to grade 12. Operating more than 257 schools in the municipalities of Brampton, Caledon and Mississauga, the Peel board is the largest employer in Peel. At the Peel board, we inspire success, confidence and hope in ea
Austin Independent School District
Austin ISD is a diverse community of more than 10,000 employees, and we recognize that nothing is more essential to a great education system than innovative, talented, passionate educators. Whether you’re a recent graduate or an experienced professional seeking a new career opportunity, AISD has a
Hillsborough County Public Schools
Hillsborough County Public Schools is the seventh largest school district in the nation, with more than 210,000 students. More than 50,000 students attend a school through one of the district’s many school choice programs. HCPS is the largest employer in Hillsborough County, with more than 24,000 e
Cobb County School District
The COBB COUNTY SCHOOL DISTRICT is a public school system with administrative offices based at 514 Glover St., Marietta, GA 30060. Cobb County School District (CCSD) is the second largest school system in Georgia. CCSD is responsible for educating more than 112,000 students in a diverse, constantly
Charlotte-Mecklenburg Schools
The mission of Charlotte-Mecklenburg Schools is to create an innovative, inclusive, student-centered environment that supports the development of independent learners. The vision of Charlotte-Mecklenburg Schools is to lead the community in educational excellence, inspiring intellectual curiosity, c
Prince George's County Public Schools
Prince George's County Public Schools (PGCPS), one of the nation's 25 largest school districts, has 200 schools and centers, more than 133,000 students and 22,000 employees. The school system serves a diverse student population from urban, suburban and rural communities located in the Washington, DC
Dallas Independent School District
The Dallas Independent School District is “one of the nation’s fastest improving school districts,” according to the Council of the Great City Schools. With 230+ schools and approximately 130,000+ students, Dallas ISD is home to two of the top public high schools in the country and boasts a number o
NYC Public Schools
New York City Public Schools (NYCPS) is the largest public school system in the United States, serving approximately 1.1 million students across more than 1,600 schools in all five boroughs. Our schools are powered by over 75,000 teachers and thousands of paraprofessionals, school counselors, social
.png)
HPS CyberSecurity News
April 07, 2025 07:00 AM
Data on over 90K people was taken in Highline schools cyberattack
The Highline Public Schools breach includes data from people who no longer have direct ties the district, including former students,...
April 02, 2025 07:00 AM
Social Security numbers, medical data among info exposed in last fall’s Highline Public Schools cyberattack
A ransomware attack last fall exposed sensitive personal data from Highline Public Schools' computer systems, including Social Security...
April 02, 2025 07:00 AM
Sensitive data was leaked in 2024 Highline Public Schools ransomware attack
Personal information including Social Security numbers was compromised during the ransomware attack that hit Highline Public Schools in...
January 31, 2025 08:00 AM
Ransomware attacks in 2024
The biggest and most high-profile ransomware incidents of 2024, and the consequences for targeted organizations.
January 23, 2025 04:48 PM
PowerSchool data breach: Explaining how it happened
In recent years, multiple types of cyberattacks have become commonplace against educational facilities -- particularly ransomware. The education sector has...
October 21, 2024 07:00 AM
Biggest Education Industry Attacks in 2024
The education sector is increasingly becoming a top target for cybercriminals, with a noticeable rise in cyberattacks aimed at schools and...
October 04, 2024 07:00 AM
Highline Public Schools says ransomware cause of crippled network systems
An investigation by a forensic cybersecurity specialist shows that ransomware was the unauthorized activity spotted a month ago.
October 04, 2024 07:00 AM
Highline Public Schools confirms recent cyberattack was ransomware, working with FBI on investigation
Highline Public Schools this week confirmed that a ransomware attack compromised its digital network in a cyberattack that started Sept.
October 04, 2024 07:00 AM
Highline Public Schools confirms ransomware behind shutdown
On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
HPS CyberSecurity History Information
Official Website of Highline Public Schools
The official website of Highline Public Schools is http://highlineschools.org.
Highline Public Schools’s AI-Generated Cybersecurity Score
According to Rankiteo, Highline Public Schools’s AI-generated cybersecurity score is 674, reflecting their Weak security posture.
How many security badges does Highline Public Schools’ have ?
According to Rankiteo, Highline Public Schools currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Highline Public Schools have SOC 2 Type 1 certification ?
According to Rankiteo, Highline Public Schools is not certified under SOC 2 Type 1.
Does Highline Public Schools have SOC 2 Type 2 certification ?
According to Rankiteo, Highline Public Schools does not hold a SOC 2 Type 2 certification.
Does Highline Public Schools comply with GDPR ?
According to Rankiteo, Highline Public Schools is not listed as GDPR compliant.
Does Highline Public Schools have PCI DSS certification ?
According to Rankiteo, Highline Public Schools does not currently maintain PCI DSS compliance.
Does Highline Public Schools comply with HIPAA ?
According to Rankiteo, Highline Public Schools is not compliant with HIPAA regulations.
Does Highline Public Schools have ISO 27001 certification ?
According to Rankiteo,Highline Public Schools is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Highline Public Schools
Highline Public Schools operates primarily in the Primary and Secondary Education industry.
Number of Employees at Highline Public Schools
Highline Public Schools employs approximately 1,829 people worldwide.
Subsidiaries Owned by Highline Public Schools
Highline Public Schools presently has no subsidiaries across any sectors.
Highline Public Schools’s LinkedIn Followers
Highline Public Schools’s official LinkedIn profile has approximately 4,897 followers.
NAICS Classification of Highline Public Schools
Highline Public Schools is classified under the NAICS code 6111, which corresponds to Elementary and Secondary Schools.
Highline Public Schools’s Presence on Crunchbase
No, Highline Public Schools does not have a profile on Crunchbase.
Highline Public Schools’s Presence on LinkedIn
Yes, Highline Public Schools maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/highline-public-schools.
Cybersecurity Incidents Involving Highline Public Schools
As of December 24, 2025, Rankiteo reports that Highline Public Schools has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Highline Public Schools has an estimated 7,974 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Highline Public Schools ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Highline Public Schools detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an law enforcement notified with yes, and remediation measures with enhanced security measures..
Incident Details
Can you provide details on each incident ?
Title: Highline Public Schools Ransomware Attack
Description: Highline Public Schools, a Washington State K-12 school district, experienced a critical ransomware attack resulting in the theft of sensitive data pertaining to students and faculty. Compromised information included personal identification details, financial data, employment and medical records, as well as student-specific academic information. The breach led to a three-day shutdown of school operations. A subsequent investigation prompted enhanced security measures and the incident was reported to federal law enforcement. Affected individuals received free identity protection and are advised to remain vigilant for possible fraudulent use of their data.
Type: ransomware
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : ransomware HIG634040425
Data Compromised: Personal identification details, Financial data, Employment records, Medical records, Student-specific academic information
Downtime: three-day shutdown
Identity Theft Risk: high
Payment Information Risk: high
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Identification Details, Financial Data, Employment Records, Medical Records, Student-Specific Academic Information and .
Which entities were affected by each incident ?
Incident : ransomware HIG634040425
Entity Name: Highline Public Schools
Entity Type: K-12 school district
Industry: Education
Location: Washington State
Response to the Incidents
What measures were taken in response to each incident ?
Incident : ransomware HIG634040425
Law Enforcement Notified: Yes
Remediation Measures: enhanced security measures
Data Breach Information
What type of data was compromised in each breach ?
Incident : ransomware HIG634040425
Type of Data Compromised: Personal identification details, Financial data, Employment records, Medical records, Student-specific academic information
Sensitivity of Data: high
Data Exfiltration: Yes
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: enhanced security measures.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : ransomware HIG634040425
Data Exfiltration: Yes
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal identification details, financial data, employment records, medical records, student-specific academic information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were student-specific academic information, financial data, employment records, personal identification details and medical records.
.png)
Latest Global CVEs (Not Company-Specific)
Description
httparty is an API tool. In versions 0.23.2 and prior, httparty is vulnerable to SSRF. This issue can pose a risk of leaking API keys, and it can also allow third parties to issue requests to internal servers. This issue has been patched via commit 0529bcd.
Risk Information
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. In versions 0.15.2 and prior, an RCE vulnerability exists in useMarkdown.ts, where the markdown-it-mermaid plugin is initialized with securityLevel: 'loose'. This configuration explicitly permits the rendering of HTML tags within Mermaid diagram nodes. This issue has not been patched at time of publication.
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Description
continuwuity is a Matrix homeserver written in Rust. Prior to version 0.5.0, this vulnerability allows a remote, unauthenticated attacker to force the target server to cryptographically sign arbitrary membership events. The flaw exists because the server fails to validate the origin of a signing request, provided the event's state_key is a valid user ID belonging to the target server. This issue has been patched in version 0.5.0. A workaround for this issue involves blocking access to the PUT /_matrix/federation/v2/invite/{roomId}/{eventId} endpoint using the reverse proxy.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LangChain is a framework for building LLM-powered applications. Prior to @langchain/core versions 0.3.80 and 1.1.8, and prior to langchain versions 0.3.37 and 1.2.3, a serialization injection vulnerability exists in LangChain JS's toJSON() method (and subsequently when string-ifying objects using JSON.stringify(). The method did not escape objects with 'lc' keys when serializing free-form data in kwargs. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in @langchain/core versions 0.3.80 and 1.1.8, and langchain versions 0.3.37 and 1.2.3
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
- https://github.com/langchain-ai/langchainjs/commit/e5063f9c6e9989ea067dfdff39262b9e7b6aba62
- https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcore%401.1.8
- https://github.com/langchain-ai/langchainjs/releases/tag/langchain%401.2.3
- https://github.com/langchain-ai/langchainjs/security/advisories/GHSA-r399-636x-v7f6
Description
LangChain is a framework for building agents and LLM-powered applications. Prior to versions 0.3.81 and 1.2.5, a serialization injection vulnerability exists in LangChain's dumps() and dumpd() functions. The functions do not escape dictionaries with 'lc' keys when serializing free-form dictionaries. The 'lc' key is used internally by LangChain to mark serialized objects. When user-controlled data contains this key structure, it is treated as a legitimate LangChain object during deserialization rather than plain user data. This issue has been patched in versions 0.3.81 and 1.2.5.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
- https://github.com/langchain-ai/langchain/commit/5ec0fa69de31bbe3d76e4cf9cd65a6accb8466c8
- https://github.com/langchain-ai/langchain/commit/d9ec4c5cc78960abd37da79b0250f5642e6f0ce6
- https://github.com/langchain-ai/langchain/pull/34455
- https://github.com/langchain-ai/langchain/pull/34458
- https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D0.3.81
- https://github.com/langchain-ai/langchain/releases/tag/langchain-core%3D%3D1.2.5
- https://github.com/langchain-ai/langchain/security/advisories/GHSA-c67j-w6g6-q2cm
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=highline-public-schools' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
