ODT
Company Details
Linkedin ID:
oregon-department-of-transportation
Website:
Employees number:
1,953
Number of followers:
20,057
NAICS:
92
Industry Type:
Homepage:
oregon.gov
IP Addresses:
0
Company ID:
ORE_2387723
Scan Status:
In-progress
Oregon Department of Transportation Company CyberSecurity Posture
oregon.gov
The Oregon Department of Transportation is an award-winning organization, more than 4,500 employees strong. Together, we provide a safe and reliable multimodal transportation system that connects people and helps Oregon's communities and economy thrive. Transportation in Oregon is a multi-billion dollar investment in our people, our environment and our state. Almost every aspect of life is affected one way or another by transportation. With 96,000 square miles of land, we must have a safe, dependable system — and in Oregon, that includes highways, passenger and freight rail, public transit and non-motorized transportation. Over the past several years, Oregonians have opted to invest in the state’s transportation infrastructure. This commitment to a sound transportation system is creating opportunities for engineers, planners, maintenance and construction workers, information systems specialists, accountants, customer service representatives, inspectors, policy analysts and other knowledgeable employees. Consider a career with the Oregon Department of Transportation. Live and work among tall mountains, surrounded by sandy ocean beaches and clear blue lakes, in the grassy valleys or on the high desert, in the big city or in a small country town. Oregon has it all — just waiting for you to discover; waiting for you to make your mark. For job opportunities, visit www.odotjobs.com or email [email protected]. For general questions, call (888) ASK-ODOT.
Oregon Department of Transportation A.I CyberSecurity Scoring
ODT Risk Score (AI oriented)Between 550 and 599
ODT
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
ODT Global Score (TPRM)XXXX
ODT
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
ODT Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Oregon Department of Transportation
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The MOVEit Transfer file transfer platform, created by Progress Software Corporation, was the subject of a recent, major hacking effort by the Cl0p ransomware group, according to alarming information disclosed by cybersecurity firm Emsisoft. The analysts estimate that 60,144,069 people and about 1,000 organisations were affected by the attacks. The Cl0p group's leak site, state breach reports, SEC filings, and other public disclosures are the sources of the data. The attacks affected tens of millions of people, according to the experts. Maximus, Pôle emploi, Louisiana Office of Motor Vehicles, Colorado Department of Health Care Policy and Financing, Oregon Department of Transportation, Teachers Insurance and Annuity Association of America, Genworth, PH Tech, and Milliman Solutions are the organisations with the greatest number of affected persons.
Oregon Department of Transportation
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Millions of drivers and car owners had their personal information taken as a result of the MOVEit breach, including the departments of motor vehicles in Louisiana and Oregon. The company was hacked, exposing information from an estimated 3.5 million identity cards and driver's licences. Given that many people's personal information was exposed to potential unscrupulous actors, the Oregon DMV data breach could be risky for them. As of right now, there is no evidence that the MOVEit hacker group sold, exchanged, or publicly publicised the OMV information they stole.
ODT Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for ODT
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Oregon Department of Transportation in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Oregon Department of Transportation in 2026.
Incident Types ODT vs Government Administration Industry Avg (This Year)
No incidents recorded for Oregon Department of Transportation in 2026.
Incident History — ODT (X = Date, Y = Severity)
ODT cyber incidents detection timeline including parent company and subsidiaries
ODT Company Subsidiaries
The Oregon Department of Transportation is an award-winning organization, more than 4,500 employees strong. Together, we provide a safe and reliable multimodal transportation system that connects people and helps Oregon's communities and economy thrive. Transportation in Oregon is a multi-billion dollar investment in our people, our environment and our state. Almost every aspect of life is affected one way or another by transportation. With 96,000 square miles of land, we must have a safe, dependable system — and in Oregon, that includes highways, passenger and freight rail, public transit and non-motorized transportation. Over the past several years, Oregonians have opted to invest in the state’s transportation infrastructure. This commitment to a sound transportation system is creating opportunities for engineers, planners, maintenance and construction workers, information systems specialists, accountants, customer service representatives, inspectors, policy analysts and other knowledgeable employees. Consider a career with the Oregon Department of Transportation. Live and work among tall mountains, surrounded by sandy ocean beaches and clear blue lakes, in the grassy valleys or on the high desert, in the big city or in a small country town. Oregon has it all — just waiting for you to discover; waiting for you to make your mark. For job opportunities, visit www.odotjobs.com or email [email protected]. For general questions, call (888) ASK-ODOT.
Loading...
ODT Similar Companies
Secretaría de Educación Pública
MISIÓN/PROPÓSITO: La SEP tiene como propósito esencial crear condiciones que permitan asegurar el acceso de todas las mexicanas y mexicanos a una educación de calidad, en el nivel y modalidad que la requieran y en el lugar donde la demanden. VISIÓN: En el año 2025, México cuenta con un sistema
European Commission
The Commission represents and upholds the interests of the EU as a whole, and is independent of national governments. The European Commission prepares legislation for adoption by the Council (representing the member countries) and the Parliament (representing the citizens). It administers the budge
City of Houston
Home to a respected and energetic cultural arts scene, celebrated restaurants featuring flavors from 35 countries, world-renowned theater groups and the brains behind U.S. space exploration, Houston is a diverse metropolis brimming with personality. With nearly 21,000 concerts, plays, exhibition
Department for Education
Help us achieve world-class education, training and care for everyone, whatever their background. Whether you're just starting out, or an experienced professional, we have what you are looking for. Jobs include administration, policy advisers, digital, finance, commercial specialists and many more
I work for NSW
The NSW public sector includes ten departments and many agencies and organisations working together to develop policy and deliver important services such as health, education, housing, transport and infrastructure across NSW. We are over 300,000 dedicated people who share the same values - making a
CONICET
El Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) es el principal organismo dedicado a la promoción de la ciencia y la tecnología en la Argentina. Su actividad se desarrolla en cuatro grandes áreas: • Ciencias agrarias, ingeniería y de materiales • Ciencias biológicas y de la s
Government of Alberta
Work with the Alberta government to build a stronger province for current and future generations. We offer diverse and rewarding employment opportunities in an environment that encourages continuous learning and career growth. We are one of the largest employers in Alberta with over 27,000 empl
City of Philadelphia
With a workforce of 30,000 people, and opportunities in 1,000 different job categories, the City of Philadelphia is one of the largest employers in Southeastern Pennsylvania. As an employer, we operate through the guiding principles of service, integrity, respect, accountability, collaboration, dive
France Travail
France Travail est un acteur majeur du marché de l’emploi en France où il s’investit pour faciliter le retour à l’emploi des demandeurs d’emploi et offrir aux entreprises des réponses adaptées à leurs besoins de recrutement. Les 55 000 collaborateurs de France Travail œuvrent au quotidien pour êtr
.png)
ODT CyberSecurity News
January 20, 2026 03:58 PM
Oregon bill would offer insurance discounts for wildfire mitigation
A new bill in Oregon would incentivize wildfire prevention efforts by offering homeowners property insurance discounts.
January 16, 2026 12:30 AM
Kotek’s call to repeal her own transportation law faces legal concerns
Repealing the 2025 transportation law she championed in the upcoming short session could raise legal questions for Oregon Gov. Tina Kotek.
January 07, 2026 08:00 AM
Gov. Kotek outlines plan to repeal transportation bill she championed
After her transportation package was challenged by Republicans, Oregon Governor Tina Kotek is urging state lawmakers to redirect funding to...
December 30, 2025 08:00 AM
Why Oregon gas tax bump, higher title, registration fees are on hold
Gov. Tina Kotek's transportation package takes effect Dec. 31, but some parts will not happen while signatures for a referendum effort are...
December 17, 2025 08:00 AM
Windstorm Knocks Out Power to Thousands of Co-op Members in Pacific Northwest
Electric cooperative crews in the Pacific Northwest were rapidly restoring power Wednesday after a fierce windstorm blew through parts of...
December 16, 2025 08:00 AM
Atmospheric River pummels the Northwest
HUNTSVILLE, Ala. (WHNT) — A powerful weather system is causing a headache across the Northwest region of the United States.
December 15, 2025 08:00 AM
‘Our worst fear’ Oregon Coast residents brace for more rain as atmospheric river set to return
A devastating landslide near Siletz, Oregon has damaged three structures, forced 10 households to evacuate, and caused debris to wash up...
December 13, 2025 08:00 AM
Massive OR 229 landslide sparks ODOT funding debate among Oregon politicians
PORTLAND, Ore. (KOIN) — A massive landslide on OR 229 has reignited a debate over the funding of the Oregon Department of Transportation...
December 12, 2025 08:00 AM
5 homes evacuated after ‘massive’ landslide near Siletz
A section of highway near the Oregon Coast has closed due to a landslide Friday morning, officials said.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
ODT CyberSecurity History Information
Official Website of Oregon Department of Transportation
The official website of Oregon Department of Transportation is http://www.oregon.gov/odot.
Oregon Department of Transportation’s AI-Generated Cybersecurity Score
According to Rankiteo, Oregon Department of Transportation’s AI-generated cybersecurity score is 572, reflecting their Very Poor security posture.
How many security badges does Oregon Department of Transportation’ have ?
According to Rankiteo, Oregon Department of Transportation currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Oregon Department of Transportation been affected by any supply chain cyber incidents ?
According to Rankiteo, Oregon Department of Transportation has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Oregon Department of Transportation have SOC 2 Type 1 certification ?
According to Rankiteo, Oregon Department of Transportation is not certified under SOC 2 Type 1.
Does Oregon Department of Transportation have SOC 2 Type 2 certification ?
According to Rankiteo, Oregon Department of Transportation does not hold a SOC 2 Type 2 certification.
Does Oregon Department of Transportation comply with GDPR ?
According to Rankiteo, Oregon Department of Transportation is not listed as GDPR compliant.
Does Oregon Department of Transportation have PCI DSS certification ?
According to Rankiteo, Oregon Department of Transportation does not currently maintain PCI DSS compliance.
Does Oregon Department of Transportation comply with HIPAA ?
According to Rankiteo, Oregon Department of Transportation is not compliant with HIPAA regulations.
Does Oregon Department of Transportation have ISO 27001 certification ?
According to Rankiteo,Oregon Department of Transportation is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Oregon Department of Transportation
Oregon Department of Transportation operates primarily in the Government Administration industry.
Number of Employees at Oregon Department of Transportation
Oregon Department of Transportation employs approximately 1,953 people worldwide.
Subsidiaries Owned by Oregon Department of Transportation
Oregon Department of Transportation presently has no subsidiaries across any sectors.
Oregon Department of Transportation’s LinkedIn Followers
Oregon Department of Transportation’s official LinkedIn profile has approximately 20,057 followers.
NAICS Classification of Oregon Department of Transportation
Oregon Department of Transportation is classified under the NAICS code 92, which corresponds to Public Administration.
Oregon Department of Transportation’s Presence on Crunchbase
No, Oregon Department of Transportation does not have a profile on Crunchbase.
Oregon Department of Transportation’s Presence on LinkedIn
Yes, Oregon Department of Transportation maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/oregon-department-of-transportation.
Cybersecurity Incidents Involving Oregon Department of Transportation
As of January 22, 2026, Rankiteo reports that Oregon Department of Transportation has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Oregon Department of Transportation has an estimated 11,873 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Oregon Department of Transportation ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Ransomware.
Incident Details
Can you provide details on each incident ?
Title: MOVEit Data Breach
Description: Millions of drivers and car owners had their personal information taken as a result of the MOVEit breach, including the departments of motor vehicles in Louisiana and Oregon. The company was hacked, exposing information from an estimated 3.5 million identity cards and driver's licences. Given that many people's personal information was exposed to potential unscrupulous actors, the Oregon DMV data breach could be risky for them. As of right now, there is no evidence that the MOVEit hacker group sold, exchanged, or publicly publicised the OMV information they stole.
Type: Data Breach
Threat Actor: MOVEit hacker group
Title: MOVEit Transfer Platform Hack by Cl0p Ransomware Group
Description: The MOVEit Transfer file transfer platform, created by Progress Software Corporation, was the subject of a recent, major hacking effort by the Cl0p ransomware group.
Type: Ransomware
Threat Actor: Cl0p ransomware group
Motivation: Data exfiltration and ransom
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ORE61425623
Data Compromised: Personal information, Identity cards, Driver's licences
Identity Theft Risk: High
Incident : Ransomware ORE45181223
Data Compromised: 60,144,069 people
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Identity Cards, Driver'S Licences and .
Which entities were affected by each incident ?
Incident : Data Breach ORE61425623
Entity Name: Department of Motor Vehicles, Louisiana
Entity Type: Government
Industry: Public Sector
Location: Louisiana
Incident : Data Breach ORE61425623
Entity Name: Department of Motor Vehicles, Oregon
Entity Type: Government
Industry: Public Sector
Location: Oregon
Incident : Ransomware ORE45181223
Entity Name: Progress Software Corporation
Entity Type: Corporation
Industry: Software
Customers Affected: 60,144,069 people and about 1,000 organisations
Incident : Ransomware ORE45181223
Entity Name: Louisiana Office of Motor Vehicles
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Colorado Department of Health Care Policy and Financing
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Oregon Department of Transportation
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Teachers Insurance and Annuity Association of America
Entity Type: Organization
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ORE61425623
Type of Data Compromised: Personal information, Identity cards, Driver's licences
Number of Records Exposed: 3.5 million
Sensitivity of Data: High
Incident : Ransomware ORE45181223
Number of Records Exposed: 60,144,069
Ransomware Information
Was ransomware involved in any of the incidents ?
References
Where can I find more information about each incident ?
Incident : Ransomware ORE45181223
Source: Emsisoft
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Emsisoft.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an MOVEit hacker group and Cl0p ransomware group.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal information, identity cards, driver's licences, , 60,144 and069 people.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were identity cards, 60,144,069 people, personal information and driver's licences.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 63.6M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Emsisoft.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=oregon-department-of-transportation' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
