PSC
Company Details
Linkedin ID:
pacific-science-center
Employees number:
230
Number of followers:
8,360
NAICS:
712
Industry Type:
Homepage:
pacificsciencecenter.org
IP Addresses:
0
Company ID:
PAC_2039262
Scan Status:
In-progress
Pacific Science Center Company CyberSecurity Posture
pacificsciencecenter.org
Born in the spirit of innovation at the 1962 World’s Fair in Seattle, the Pacific Science Center (PacSci) has ignited curiosity for more than 60 years. Since its founding as the nation’s first science and technology center, PacSci has worked to expand access to science, serve as a vital resource for educators, and fuel discovery and experimentation as a vibrant community laboratory. PacSci is an independent, not-for-profit institution that serves nearly 1 million people in the Pacific Northwest and beyond each year.
Pacific Science Center A.I CyberSecurity Scoring
PSC Risk Score (AI oriented)Between 750 and 799
PSC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
PSC Global Score (TPRM)XXXX
PSC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
PSC Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Pacific Science Center
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Pacific Science Center experienced a data breach between **June 13, 2017, and June 21, 2017**, attributed to a **spear-phishing attack**. The incident, reported by the **Washington State Office of the Attorney General on July 10, 2017**, resulted in the compromise of **personal information** belonging to **605 Washington residents**. The exposed data included **names and Social Security numbers (SSNs)**, which are highly sensitive identifiers. Such information can be exploited for **identity theft, financial fraud, or targeted scams**, posing long-term risks to the affected individuals. The breach underscores vulnerabilities in the organization’s **email security protocols** and **employee awareness training**, as spear-phishing exploits human error to gain unauthorized access. While the breach did not involve ransomware or systemic operational disruption, the exposure of **SSNs** elevates the severity due to the potential for **prolonged harm to victims**, including credit damage and legal liabilities for the company. The incident also risks **reputational damage**, eroding public trust in the institution’s ability to safeguard personal data.
PSC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for PSC
Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)
No incidents recorded for Pacific Science Center in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Pacific Science Center in 2025.
Incident Types PSC vs Museums, Historical Sites, and Zoos Industry Avg (This Year)
No incidents recorded for Pacific Science Center in 2025.
Incident History — PSC (X = Date, Y = Severity)
PSC cyber incidents detection timeline including parent company and subsidiaries
PSC Company Subsidiaries
Born in the spirit of innovation at the 1962 World’s Fair in Seattle, the Pacific Science Center (PacSci) has ignited curiosity for more than 60 years. Since its founding as the nation’s first science and technology center, PacSci has worked to expand access to science, serve as a vital resource for educators, and fuel discovery and experimentation as a vibrant community laboratory. PacSci is an independent, not-for-profit institution that serves nearly 1 million people in the Pacific Northwest and beyond each year.
Loading...
PSC Similar Companies
The RMSC includes the RMSC Museum & Science Center, the RMSC Strasenburgh Planetarium, and the RMSC Cumming Nature Center. Offering experiences at the Museum & Science Center with more than 200 interactive exhibits, Planetarium with a 65-foot dome and Nature Center on 900 acres, the RMSC stimulates
Port Arthur Historic Site Management Authority
Port Arthur Historic Site is a special place of vivid history, cultural heritage and stories so compelling, you’ll want to hear them again and again. It’s a place of global significance – one of the 11 places that make up the UNESCO World Heritage-listed Australian Convict Sites. And it’s one of Aus
Ethnographic Museum Zagreb
The Ethnographic Museum in Zagreb was established in 1919 and its collections mainly consist of textile objects (national folk costumes), but there are also numerous collections of traditional economy, handicraft, home inventory, crafts and customs from all regions of Croatia, as well as items from
Norval Foundation
The Norval Foundation, opening to the public on April 28th, 2018, is a new centre for the research and exhibition of 20th and 21st century visual art from South Africa and beyond. Located in the Steenberg area of Cape Town, adjacent to Table Mountain National Park, the Norval Foundation combines the
Aquarium of the Bay
Located on San Francisco's Pier 39 at Fisherman’s Wharf, Aquarium of the Bay provides an inspiring window to San Francisco Bay's diverse ecosystem and wildlife. We share our conservation message with over half a million local and international visitors each year. In addition to inspiring and empowe
The Eric Carle Museum of Picture Book Art
The Eric Carle Museum of Picture Book Art opened its doors in Amherst, Massachusetts, in 2002 with a bold but simple vision—to promote picture-book illustration, as an art form, around the world. During its first 20 years, the Museum has been a tireless champion for picture book art, amassing a worl
.png)
PSC CyberSecurity News
November 22, 2025 08:00 AM
How BlackBerry Became Canada’s Indo-Pacific Cybersecurity Anchor
A Canadian company left for dead in 2016 is now advancing Ottawa's regional interests more effectively than many government initiatives.
November 20, 2025 09:49 AM
Allen Family Philanthropies Announces Nearly $7 Million in Funding for Arts and Culture Organizations at Seattle Center
Allen Family Philanthropies, is providing nearly $7 million in funding for nonprofits leading eight projects at the Seattle Center campus,...
October 05, 2025 07:00 AM
Asia Pacific Cybersecurity Companies To Follow In 2020
Steve Morgan, Editor-in-Chief. Sausalito, Calif. – Dec. 31, 2019. Cybersecurity Ventures predicts cybercrime damages will cost the world $6...
September 30, 2025 07:00 AM
E&E News: Staff cuts hit hard at NOAA Fisheries’ science centers
GREENWIRE | The Trump administration's purge of federal employees took a heavy toll on NOAA Fisheries' regional science centers,...
July 21, 2025 07:00 AM
JUST IN: Indo-Pacific Cybersecurity Needs Workforce Boost, Experts Say
An increase in cyberattacks from China and North Korea has magnified the importance of strengthening cybersecurity partnerships among...
May 01, 2025 07:00 AM
GeekWire Awards 2025 revealed: Community 'alive and well' at annual celebration of best in tech
Discover the winners and highlights from the 2025 GeekWire Awards, honoring top startups, innovators, and tech leaders in Seattle — plus a...
March 26, 2025 07:00 AM
The State of Cybersecurity in Southeast Asia
This Asia Pacific Bulletin special series examines "The State of Cybersecurity in Southeast Asia" and is guest edited by FACTS Asia's...
October 18, 2024 07:56 PM
AI Connect hosts Asia-Pacific workshop in Vietnam to advance responsible AI
The Ho Chi Minh City workshop was held at a pivotal moment in advancing responsible AI development and policy across South and Southeast Asia.
March 07, 2024 08:00 AM
Google opens Asia-Pacific cybersecurity research center in Tokyo
Google opened a cybersecurity research center in Tokyo on Thursday as part of a push to enhance security in the Asia-Pacific region.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
PSC CyberSecurity History Information
Official Website of Pacific Science Center
The official website of Pacific Science Center is https://pacificsciencecenter.org/.
Pacific Science Center’s AI-Generated Cybersecurity Score
According to Rankiteo, Pacific Science Center’s AI-generated cybersecurity score is 754, reflecting their Fair security posture.
How many security badges does Pacific Science Center’ have ?
According to Rankiteo, Pacific Science Center currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Pacific Science Center have SOC 2 Type 1 certification ?
According to Rankiteo, Pacific Science Center is not certified under SOC 2 Type 1.
Does Pacific Science Center have SOC 2 Type 2 certification ?
According to Rankiteo, Pacific Science Center does not hold a SOC 2 Type 2 certification.
Does Pacific Science Center comply with GDPR ?
According to Rankiteo, Pacific Science Center is not listed as GDPR compliant.
Does Pacific Science Center have PCI DSS certification ?
According to Rankiteo, Pacific Science Center does not currently maintain PCI DSS compliance.
Does Pacific Science Center comply with HIPAA ?
According to Rankiteo, Pacific Science Center is not compliant with HIPAA regulations.
Does Pacific Science Center have ISO 27001 certification ?
According to Rankiteo,Pacific Science Center is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Pacific Science Center
Pacific Science Center operates primarily in the Museums, Historical Sites, and Zoos industry.
Number of Employees at Pacific Science Center
Pacific Science Center employs approximately 230 people worldwide.
Subsidiaries Owned by Pacific Science Center
Pacific Science Center presently has no subsidiaries across any sectors.
Pacific Science Center’s LinkedIn Followers
Pacific Science Center’s official LinkedIn profile has approximately 8,360 followers.
NAICS Classification of Pacific Science Center
Pacific Science Center is classified under the NAICS code 712, which corresponds to Museums, Historical Sites, and Similar Institutions.
Pacific Science Center’s Presence on Crunchbase
Yes, Pacific Science Center has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/pacific-science-center.
Pacific Science Center’s Presence on LinkedIn
Yes, Pacific Science Center maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/pacific-science-center.
Cybersecurity Incidents Involving Pacific Science Center
As of December 03, 2025, Rankiteo reports that Pacific Science Center has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Pacific Science Center has an estimated 2,133 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Pacific Science Center ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Pacific Science Center detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with public disclosure via washington state attorney general..
Incident Details
Can you provide details on each incident ?
Title: Pacific Science Center Data Breach (2017)
Description: The Washington State Office of the Attorney General reported a data breach involving Pacific Science Center on July 10, 2017. The breach, which occurred from June 13, 2017, to June 21, 2017, was the result of a 'spear phishing' attack, compromising personal information of approximately 605 Washington residents including names and Social Security numbers.
Date Detected: 2017-06-21
Date Publicly Disclosed: 2017-07-10
Type: Data Breach
Attack Vector: Spear Phishing
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Spear Phishing Email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach PAC1018090725
Data Compromised: Names, Social security numbers
Identity Theft Risk: High (SSNs compromised)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (Pii) and .
Which entities were affected by each incident ?
Incident : Data Breach PAC1018090725
Entity Name: Pacific Science Center
Entity Type: Non-profit Organization
Industry: Education / Science Museum
Location: Seattle, Washington, USA
Customers Affected: 605
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach PAC1018090725
Communication Strategy: Public disclosure via Washington State Attorney General
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach PAC1018090725
Type of Data Compromised: Personally identifiable information (pii)
Number of Records Exposed: 605
Sensitivity of Data: High
Personally Identifiable Information: NamesSocial Security Numbers
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach PAC1018090725
Regulatory Notifications: Washington State Attorney General
References
Where can I find more information about each incident ?
Incident : Data Breach PAC1018090725
Source: Washington State Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Washington State Office of the Attorney General.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach PAC1018090725
Investigation Status: Disclosed
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public disclosure via Washington State Attorney General.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach PAC1018090725
Entry Point: Spear Phishing Email
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach PAC1018090725
Root Causes: Successful spear phishing attack leading to unauthorized access to PII
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2017-06-21.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2017-07-10.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Social Security Numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names and Social Security Numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 605.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Washington State Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Disclosed.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Spear Phishing Email.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=pacific-science-center' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
