Company Details
minnesota-zoo
197
2,345
712
mnzoo.org
0
MIN_3301966
In-progress

Minnesota Zoo Company CyberSecurity Posture
mnzoo.org

Created by the State of Minnesota, the Minnesota Zoo opened in 1978 with a mission to connect people, animals, and the natural world to save wildlife. Cutting-edge exhibits provide exciting experiences with animals and their habitats, introducing guests to species from around the globe. Education programs engage audiences at the Zoo, throughout the region, and around the world. Conservation programs protect endangered species and preserve critical ecosystems. Learn more about the Minnesota Zoo—our mission, leadership, and history.
Between 750 and 799

Minnesota Zoo Global Score (TPRM): XXXX

Description: The Maine Office of the Attorney General reported a data breach involving the Metropolitan Council on December 6, 2024. The breach occurred between March 27, 2024, and May 27, 2024, affecting 16,935 individuals, including 14 residents of Maine. The compromised information potentially included names, addresses, phone numbers, and social security numbers. The organization is offering 12 months of credit monitoring through IDX.
Description: Minnesota Department of Human Services suffered a data breach through an employee’s e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.
Description: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity. DHS implemented new procedures to address the error that led to the incident, and communicated these procedure changes to staff.
Description: The Minnesota Department of Human Services (DHS) failed to conduct mandatory security reviews of its Supplemental Nutrition Assistance Program (SNAP) computer system in **2020 and 2023**, as revealed by federal audits. This system stores highly sensitive personal data of over **440,000 SNAP beneficiaries**, including private financial and identification details. The omission of these reviews was attributed to **resource constraints**, leaving the system vulnerable to **undetected security gaps, breaches, or fraud risks**. While the agency claimed compliance in **March 2024** under the new oversight of the Department of Children, Youth and Families (DCYF), beneficiaries expressed deep concerns over **data privacy and trust erosion** in public assistance programs. The exposed vulnerabilities could enable unauthorized access to confidential records, potentially leading to **identity theft, financial fraud, or misuse of personal information**. The audits explicitly warned that such negligence **heightens the likelihood of a breach**, though no confirmed incident was reported. The failure underscores systemic weaknesses in safeguarding critical welfare infrastructure, risking long-term reputational and operational damage.
Description: In August 2021, the University of Minnesota experienced a data breach involving its **Legacy Data Warehouse**, where unauthorized third parties accessed or acquired personal information of individuals associated with the university from **1989 to August 2021**. The compromised data included records of **prospective students, current/former students, employees, and program participants**, potentially exposing their sensitive details on the dark web. The breach led to a **$5 million class-action settlement**, with affected individuals eligible for a **$30 cash payout and 24 months of dark web monitoring**. The university denied negligence but settled to avoid prolonged litigation. The incident highlighted failures in safeguarding long-term stored data, impacting **decades’ worth of personal records** and prompting legal repercussions. The settlement fund covers administrative costs, attorney fees (up to **$1.67M**), service awards, and claimant payouts, with distributions expected **105 days post-final court approval (January 2026)**. The breach underscored vulnerabilities in legacy systems and the far-reaching consequences of historical data exposure.
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware of in July 2021. According to the statement, the "U" hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.


No incidents recorded for Minnesota Zoo in 2025.
Minnesota Zoo cyber incidents detection timeline including parent company and subsidiaries




Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Minnesota Zoo is http://mnzoo.org/.
According to Rankiteo, Minnesota Zoo’s AI-generated cybersecurity score is 764, reflecting their Fair security posture.
According to Rankiteo, Minnesota Zoo currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Minnesota Zoo is not certified under SOC 2 Type 1.
According to Rankiteo, Minnesota Zoo does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Minnesota Zoo is not listed as GDPR compliant.
According to Rankiteo, Minnesota Zoo does not currently maintain PCI DSS compliance.
According to Rankiteo, Minnesota Zoo is not compliant with HIPAA regulations.
According to Rankiteo, Minnesota Zoo is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Minnesota Zoo operates primarily in the Museums, Historical Sites, and Zoos industry.
Minnesota Zoo employs approximately 197 people worldwide.
Minnesota Zoo presently has no subsidiaries across any sectors.
Minnesota Zoo’s official LinkedIn profile has approximately 2,345 followers.
Minnesota Zoo is classified under the NAICS code 712, which corresponds to Museums, Historical Sites, and Similar Institutions.
No, Minnesota Zoo does not have a profile on Crunchbase.
Yes, Minnesota Zoo maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/minnesota-zoo.
As of December 03, 2025, Rankiteo reports that Minnesota Zoo has experienced 6 cybersecurity incidents.
Minnesota Zoo has an estimated 2,134 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability, Data Leak and Breach.
Total Financial Loss: The total financial loss from these incidents is estimated to be $5 million.
Detection and Response: Across the recorded incidents, the response measures were containment (secured servers); remediation (new procedures implemented to address the error, procedure changes communicated to staff, security plan review and certification in March 2024, ongoing certification process for 2025); third-party assistance (outside forensics specialists; Kroll Settlement Administration LLC for settlement administration); recovery ($5 million settlement fund for affected individuals); and communication (providing options to prevent exploitation of personal information and alerting impacted individuals, direct notices sent to affected individuals in September 2023, a public settlement claim process, public statements by DCYF Commissioner Tikki Brown, and media coverage via 5 INVESTIGATES).
Title: Minnesota Department of Human Services Data Breach
Description: Minnesota Department of Human Services suffered a data breach through an employee’s e-mail account. The attack exposed the personal information of about 11,000 people. The hackers were immediately detected and the servers were secured.
Type: Data Breach
Attack Vector: Email Compromise
Vulnerability Exploited: Compromised Email Account
Title: Minnesota DHS Data Breach
Description: Minnesota Department of Human Services (DHS) suffered a data breach incident after a DHS employee accidentally emailed the parent billing statements of 4,307 individuals involved in the program. The billing statements included first and last names, addresses, DHS-generated billing account numbers, and parental fee account activity.
Type: Data Breach
Attack Vector: Human Error
Vulnerability Exploited: Human Error
Title: University of Minnesota Data Breach
Description: The University of Minnesota confirms that it has contacted law enforcement and is investigating a claimed data breach that officials became aware of in July 2021. According to the statement, the 'U' hired outside forensics specialists from around the world to investigate reports of a breach and make sure the University's computer systems were safe. The University of Minnesota will provide options to help prevent the exploitation of personal information as well as alert anyone who has been impacted by the alleged breach.
Date Detected: July 2021
Type: Data Breach
Title: Data Breach at Metropolitan Council
Description: The Maine Office of the Attorney General reported a data breach involving the Metropolitan Council on December 6, 2024. The breach occurred between March 27, 2024, and May 27, 2024, affecting 16,935 individuals, including 14 residents of Maine. The compromised information potentially included names, addresses, phone numbers, and social security numbers, and the organization is offering 12 months of credit monitoring through IDX.
Date Detected: 2024-12-06
Date Publicly Disclosed: 2024-12-06
Type: Data Breach
Title: University of Minnesota Legacy Data Warehouse Data Breach (August 2021)
Description: Unauthorized third parties accessed or obtained personal data from the University of Minnesota’s Legacy Data Warehouse in August 2021, potentially affecting students, employees, and program participants from 1989 through August 2021. The breach led to a $5 million class action settlement, offering affected individuals a $30 cash payment and 24 months of dark web monitoring. Personal data may have been posted on the dark web.
Date Detected: 2021-08-10
Date Publicly Disclosed: 2023-09
Type: Data Breach
Threat Actor: Unauthorized third parties
Title: Lack of Security Reviews Left Minnesota SNAP System Vulnerable to Breaches and Fraud
Description: The Minnesota Department of Human Services (DHS) failed to perform required security reviews of the computer system critical to the Supplemental Nutrition Assistance Program (SNAP) in 2020 and 2023. This oversight, attributed to a lack of resources, left the system—containing personal data of over 440,000 Minnesotans—vulnerable to potential breaches or fraud. The system determines eligibility for SNAP benefits and holds sensitive personal information. Audits warned that undetected security gaps could increase risks. The issue was addressed in 2024 by the newly formed Department of Children, Youth and Families (DCYF), which certified its security plan in March 2024 and is preparing for 2025 certification. Public trust in the program has been impacted, with beneficiaries expressing concerns over the security of their sensitive data.
Date Publicly Disclosed: 2024-09-16
Type: Security Oversight
Vulnerability Exploited: Lack of Security Reviews, Unpatched Security Gaps, Resource Constraints in DHS
Common Attack Types: The most common types of attacks the company has faced is Breach.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Email Account and Legacy Data Warehouse.

Data Compromised: Personal information
Systems Affected: Email Servers

Data Compromised: First and last names, Addresses, DHS-generated billing account numbers, Parental fee account activity

Data Compromised: Names, Addresses, Phone numbers, Social security numbers

Financial Loss: $5,000,000 (settlement fund)
Systems Affected: Legacy Data Warehouse
Brand Reputation Impact: Negative (class action lawsuit and public disclosure)
Legal Liabilities: $5,000,000 settlement, attorneys' fees up to $1,666,666.67
Identity Theft Risk: High (personal data exposed, dark web monitoring offered)

Systems Affected: SNAP Eligibility Determination System
Operational Impact: Increased Risk of Breaches, Potential Fraud, Erosion of Public Trust
Customer Complaints: Concerns from SNAP Beneficiaries Over Data Security
Brand Reputation Impact: Loss of Trust in Public Assistance Programs
Identity Theft Risk: Potential Risk Due to Unsecured Personal Data
Average Financial Loss: The average financial loss per incident is $833.33 thousand.
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Account Information, Names, Addresses, Phone Numbers, and Social Security Numbers.

Entity Name: Minnesota Department of Human Services
Entity Type: Government Agency
Industry: Public Administration
Location: Minnesota, USA
Customers Affected: 11000

Entity Name: Minnesota Department of Human Services
Entity Type: Government Agency
Industry: Public Sector
Location: Minnesota, USA
Customers Affected: 4307

Entity Name: University of Minnesota
Entity Type: Educational Institution
Industry: Education
Location: Minnesota, USA

Entity Name: Metropolitan Council
Entity Type: Government
Industry: Public Administration
Customers Affected: 16935

Entity Name: Regents of the University of Minnesota
Entity Type: Educational Institution
Industry: Higher Education
Location: Minnesota, USA
Customers Affected: Students, employees, and program participants from 1989 to August 2021

Entity Name: Minnesota Department of Human Services (DHS)
Entity Type: Government Agency
Industry: Public Welfare
Location: Minnesota, USA
Customers Affected: 440,000+ (SNAP Beneficiaries)

Entity Name: Minnesota Department of Children, Youth and Families (DCYF)
Entity Type: Government Agency
Industry: Public Welfare
Location: Minnesota, USA
Customers Affected: 440,000+ (SNAP Beneficiaries)

Containment Measures: Secured Servers

Remediation Measures: Implemented new procedures to address the error, Communicated procedure changes to staff

Third Party Assistance: Outside Forensics Specialists.
Communication Strategy: Providing options to prevent exploitation of personal information and alerting impacted individuals

Third Party Assistance: Kroll Settlement Administration LLC (Settlement Administration).
Recovery Measures: $5 million settlement fund for affected individuals
Communication Strategy: Direct notices sent to affected individuals in September 2023, Public settlement claim process

Remediation Measures: Security Plan Review and Certification (March 2024), Ongoing Certification Process for 2025
Communication Strategy: Public Statements by DCYF Commissioner Tikki Brown, Media Coverage via 5 INVESTIGATES
Third-Party Assistance: The company involves third-party assistance in incident response through outside forensics specialists and Kroll Settlement Administration LLC (settlement administration).

Type of Data Compromised: Personal Information
Number of Records Exposed: 11000

Type of Data Compromised: Personal information, Account information
Number of Records Exposed: 4307
Sensitivity of Data: Medium
Personally Identifiable Information: first and last names, addresses

Type of Data Compromised: Names, Addresses, Phone numbers, Social security numbers
Number of Records Exposed: 16935
Sensitivity of Data: High

Type of Data Compromised: Personal information
Sensitivity of Data: High (includes personally identifiable information)

Sensitivity of Data: Personal Data of SNAP Beneficiaries (High)
Personally Identifiable Information: Potential Exposure (Names, Addresses, Financial Data, etc.)
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Implemented new procedures to address the error, Communicated procedure changes to staff, Security Plan Review and Certification (March 2024), Ongoing Certification Process for 2025.
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through secured servers.

Data Exfiltration: True
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through $5 million settlement fund for affected individuals.

Legal Actions: Class action lawsuit settled for $5 million

Regulations Violated: Federal Single Audit Requirements for Information System Security Reviews
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit settled for $5 million.

Lessons Learned: Regular security reviews and resource allocation are critical to preventing vulnerabilities in systems handling sensitive public welfare data. Delays in compliance can erode public trust and increase risks of fraud or breaches.

Recommendations: Prioritize and fund mandatory security reviews for systems handling sensitive data. Implement continuous monitoring and third-party audits to ensure compliance. Enhance transparency with beneficiaries regarding data security measures. Allocate dedicated resources for cybersecurity within public welfare agencies.
Key Lessons Learned: The key lessons learned from past incidents are Regular security reviews and resource allocation are critical to preventing vulnerabilities in systems handling sensitive public welfare data. Delays in compliance can erode public trust and increase risks of fraud or breaches.

Source: University of Minnesota

Source: Maine Office of the Attorney General
Date Accessed: 2024-12-06

Source: Class Action Settlement Notice

Source: Kroll Settlement Administration LLC

Source: 5 INVESTIGATES (KSTP)
Date Accessed: 2024-09-16
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following sources: University of Minnesota; Maine Office of the Attorney General (Date Accessed: 2024-12-06); Class Action Settlement Notice; Kroll Settlement Administration LLC; 5 INVESTIGATES (KSTP), https://kstp.com/5-investigates/lack-of-security-reviews-left-minnesota-snap-system-vulnerable-to-breaches-fraud/ (Date Accessed: 2024-09-16).

Investigation Status: Ongoing

Investigation Status: Settled (class action lawsuit resolved)

Investigation Status: Ongoing (Media Investigation by 5 INVESTIGATES; DCYF Claims Remediation Underway)
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Providing options to prevent exploitation of personal information and alerting impacted individuals, Direct Notices Sent to Affected Individuals in September 2023, Public Settlement Claim Process, Public Statements by DCYF Commissioner Tikki Brown, and Media Coverage via 5 INVESTIGATES.

Stakeholder Advisories: Direct Notices To Affected Individuals (September 2023), Public Settlement Claim Process.
Customer Advisories: $30 cash payment and 24 months of dark web monitoring offered to affected individuals

Customer Advisories: Public Statements by DCYF Commissioner Addressing Concerns
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Direct Notices to Affected Individuals (September 2023), Public Settlement Claim Process, $30 Cash Payment and 24 Months of Dark Web Monitoring Offered to Affected Individuals, and Public Statements by DCYF Commissioner Addressing Concerns.

Entry Point: Compromised Email Account

Entry Point: Legacy Data Warehouse
High Value Targets: Personal Data of Students, Employees, and Program Participants (1989–2021)
Data Sold on Dark Web: Personal Data of Students, Employees, and Program Participants (1989–2021)

High Value Targets: SNAP Eligibility System Database
Data Sold on Dark Web: SNAP Eligibility System Database

Root Causes: Human Error
Corrective Actions: Implemented New Procedures to Address the Error, Communicated Procedure Changes to Staff

Root Causes: Failure to Adequately Protect Personal Information in Legacy Data Warehouse
Corrective Actions: $5 Million Settlement Fund, Dark Web Monitoring for Affected Individuals

Root Causes: Lack of Resources in DHS for Security Reviews, Failure to Comply with Federal Audit Requirements, Inadequate Oversight of Critical Public Welfare Systems
Corrective Actions: Security Plan Certification (March 2024) by DCYF, Ongoing Certification Process for 2025, Media Engagement to Rebuild Public Trust
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Outside Forensics Specialists, Kroll Settlement Administration LLC (Settlement Administration).
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Implemented New Procedures to Address the Error, Communicated Procedure Changes to Staff, $5 Million Settlement Fund, Dark Web Monitoring for Affected Individuals, Security Plan Certification (March 2024) by DCYF, Ongoing Certification Process for 2025, Media Engagement to Rebuild Public Trust.
Last Attacking Group: The attacking group in the last incident was Unauthorized third parties.
Most Recent Incident Detected: The most recent incident detected was on July 2021.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-09-16.
Highest Financial Loss: The highest financial loss from an incident was $5,000,000 (settlement fund).
Most Significant Data Compromised: The most significant data compromised in an incident were Personal Information; first and last names, addresses, DHS-generated billing account numbers, parental fee account activity; and names, addresses, phone numbers, social security numbers.
Most Significant System Affected: The most significant system affected in an incident was Email Servers and Legacy Data Warehouse and SNAP Eligibility Determination System.
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was outside forensics specialists and Kroll Settlement Administration LLC (settlement administration).
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured Servers.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were social security numbers, first and last names, names, parental fee account activity, Personal Information, addresses, DHS-generated billing account numbers and phone numbers.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 751.0.
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit settled for $5 million.
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Regular security reviews and resource allocation are critical to preventing vulnerabilities in systems handling sensitive public welfare data. Delays in compliance can erode public trust and increase risks of fraud or breaches.
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Allocate dedicated resources for cybersecurity within public welfare agencies; Enhance transparency with beneficiaries regarding data security measures; Prioritize and fund mandatory security reviews for systems handling sensitive data; and Implement continuous monitoring and third-party audits to ensure compliance.
Most Recent Source: The most recent source of information about an incident are University of Minnesota, 5 INVESTIGATES (KSTP), Maine Office of the Attorney General, Class Action Settlement Notice and Kroll Settlement Administration LLC.
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://kstp.com/5-investigates/lack-of-security-reviews-left-minnesota-snap-system-vulnerable-to-breaches-fraud/ .
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Direct notices to affected individuals (September 2023), Public settlement claim process.
Most Recent Customer Advisory: The most recent customer advisory issued were a $30 cash payment and 24 months of dark web monitoring offered to affected individuals and Public Statements by DCYF Commissioner Addressing Concerns.
Most Recent Entry Point: The most recent entry point used by an initial access broker was a Compromised Email Account.
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Human Error; Failure to adequately protect personal information in Legacy Data Warehouse; Lack of Resources in DHS for Security Reviews, Failure to Comply with Federal Audit Requirements, Inadequate Oversight of Critical Public Welfare Systems.
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Implemented new procedures to address the error, Communicated procedure changes to staff; $5 million settlement fund, Dark web monitoring for affected individuals; Security Plan Certification (March 2024) by DCYF, Ongoing Certification Process for 2025, Media Engagement to Rebuild Public Trust.
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, a stored cross-site scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
