SHSND
Company Details
Linkedin ID:
state-historical-society-of-north-dakota
Website:
Employees number:
59
Number of followers:
659
NAICS:
712
Industry Type:
Homepage:
nd.gov
IP Addresses:
0
Company ID:
STA_2270658
Scan Status:
In-progress
State Historical Society of North Dakota Company CyberSecurity Posture
nd.gov
Established in 1895, the State Historical Society of North Dakota's mission is “to identify, preserve, interpret, and promote the heritage of North Dakota and its people.” The State Historical Society of North Dakota oversees 58 historic sites and museums located throughout the state. The North Dakota Heritage Center has been our headquarters since 1981. If you are looking for more information about the State Historical Society of North Dakota, please visit history.nd.gov.
State Historical Society of North Dakota A.I CyberSecurity Scoring
SHSND Risk Score (AI oriented)Between 750 and 799
SHSND
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SHSND Global Score (TPRM)XXXX
SHSND
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SHSND Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
North Dakota Workforce Safety & Insurance
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: The North Dakota Workforce Safety & Insurance agency was a victim of a cybersecurity attack. Attack involved personal data. A Workforce Safety & Insurance employee noticed unusual activity on their computer after opening an email attachment and reported the incident to the internal help desk. The computer was secured and removed from the state network.. WSI immediately contacted North Dakota Information Technology, which referred the incident to the NDIT Cyber Analysis and Response team. The sophisticated phishing attack was isolated to a single computer and did not spread to the state network. The emails contained personal information of 182 injured employees.
SHSND Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SHSND
Incidents vs Museums, Historical Sites, and Zoos Industry Average (This Year)
No incidents recorded for State Historical Society of North Dakota in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for State Historical Society of North Dakota in 2025.
Incident Types SHSND vs Museums, Historical Sites, and Zoos Industry Avg (This Year)
No incidents recorded for State Historical Society of North Dakota in 2025.
Incident History — SHSND (X = Date, Y = Severity)
SHSND cyber incidents detection timeline including parent company and subsidiaries
SHSND Company Subsidiaries
Established in 1895, the State Historical Society of North Dakota's mission is “to identify, preserve, interpret, and promote the heritage of North Dakota and its people.” The State Historical Society of North Dakota oversees 58 historic sites and museums located throughout the state. The North Dakota Heritage Center has been our headquarters since 1981. If you are looking for more information about the State Historical Society of North Dakota, please visit history.nd.gov.
Loading...
SHSND Similar Companies
FactSet
FactSet creates flexible, open data and software solutions for tens of thousands of investment professionals around the world, providing instant access to financial data and analytics that investors use to make crucial decisions. For 40 years, through market changes and technological progress, our
CIMB
CIMB Group is a leading ASEAN universal bank, one of the largest Asian investment banks and one of the world's largest Islamic banks. We are headquartered in Kuala Lumpur, Malaysia and offer consumer banking, commercial banking, wholesale banking, Islamic banking, and asset management products and
Northwestern Mutual
Northwestern Mutual is here for what’s most important—helping families and businesses experience the freedom of financial security for over 160 years. Through our personalized, holistic approach, including both insurance and investments, we’re helping people make the most of life today, and for days
Westpac Group
From rescue helicopters to signing the Equator Principles, from paying super during parental leave to adding 'Touch ID' biometric technology to our banking apps and being first on the scene with a helping hand in times of crisis... we have a proud history of stepping up to be first for our customer
Truist Financial Corporation is a purpose-driven financial services company committed to inspiring and building better lives and communities. As a leading U.S. commercial bank, Truist has leading market share in many of the high-growth markets across the country. Truist offers a wide range of produc
Vanguard
Join us as we celebrate 50 years of empowering our 50 million investor-owners.* Since our founding in 1975, we’ve been on a mission to help investors achieve their goals. With no outside shareholders to answer to, we make decisions—including keeping investing costs as low as possible—with our clien
.png)
SHSND CyberSecurity News
August 22, 2025 07:00 AM
Antler Historical Society works to restore building, create space for state centennial quilt
ANTLER, N.D. (KMOT) - A small North Dakota town's historical society has a big goal when it comes to stitching together local and state...
May 05, 2025 07:00 AM
South Dakota students plan commencement protest against Kristi Noem receiving honorary doctorate
Students and faculty at Dakota State University are facing free speech concerns for the first time now that Department of Homeland Security...
March 07, 2025 08:00 AM
Wounded Knee Massacre Memorial and Sacred Site Act passes unanimously
RAPID CITY, S.D. (KOTA) - U.S. Senator Mike Rounds, R-S.D., announces his legislation, the Wounded Knee Massacre Memorial and Sacred Site...
February 23, 2025 08:00 AM
The Top 10 Best Colleges in Fargo for Tech Enthusiasts in 2025
Leading schools include Rasmussen University, NDSU, and UND, each excelling in hands-on tech education and partnerships with industry giants.
January 09, 2025 08:00 AM
South Dakota Sec. of State Monae Johnson announces reelection bid
The 2026 election cycle has officially begun. Secretary of State Monae Johnson became the first candidate to publicly declare her candidacy...
August 16, 2024 01:33 PM
Moorhead Campus
M State's Moorhead campus is a comprehensive college offering technical and career options and a full transfer degree program in a vibrant metropolitan...
July 29, 2024 07:00 AM
How a small college became a national cyber powerhouse
A credit card operation's move to South Dakota 40 years ago helped turn Dakota State University into a unique, high-tech program.
March 13, 2024 07:00 AM
Noem slings accusations about tribes while signing education bills
Gov. Kristi Noem leveled accusations against Native American parents and political leaders Wednesday while saying she wants to help Native American students...
December 15, 2023 08:00 AM
w/VIDEO: Burgum, Miller reflect on progress and milestones during administration’s seventh year
BISMARCK, N.D. – Gov. Doug Burgum and Lt. Gov. Tammy Miller this week marked the completion of the Burgum administration's seventh year,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SHSND CyberSecurity History Information
Official Website of State Historical Society of North Dakota
The official website of State Historical Society of North Dakota is https://www.history.nd.gov/.
State Historical Society of North Dakota’s AI-Generated Cybersecurity Score
According to Rankiteo, State Historical Society of North Dakota’s AI-generated cybersecurity score is 763, reflecting their Fair security posture.
How many security badges does State Historical Society of North Dakota’ have ?
According to Rankiteo, State Historical Society of North Dakota currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does State Historical Society of North Dakota have SOC 2 Type 1 certification ?
According to Rankiteo, State Historical Society of North Dakota is not certified under SOC 2 Type 1.
Does State Historical Society of North Dakota have SOC 2 Type 2 certification ?
According to Rankiteo, State Historical Society of North Dakota does not hold a SOC 2 Type 2 certification.
Does State Historical Society of North Dakota comply with GDPR ?
According to Rankiteo, State Historical Society of North Dakota is not listed as GDPR compliant.
Does State Historical Society of North Dakota have PCI DSS certification ?
According to Rankiteo, State Historical Society of North Dakota does not currently maintain PCI DSS compliance.
Does State Historical Society of North Dakota comply with HIPAA ?
According to Rankiteo, State Historical Society of North Dakota is not compliant with HIPAA regulations.
Does State Historical Society of North Dakota have ISO 27001 certification ?
According to Rankiteo,State Historical Society of North Dakota is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of State Historical Society of North Dakota
State Historical Society of North Dakota operates primarily in the Museums, Historical Sites, and Zoos industry.
Number of Employees at State Historical Society of North Dakota
State Historical Society of North Dakota employs approximately 59 people worldwide.
Subsidiaries Owned by State Historical Society of North Dakota
State Historical Society of North Dakota presently has no subsidiaries across any sectors.
State Historical Society of North Dakota’s LinkedIn Followers
State Historical Society of North Dakota’s official LinkedIn profile has approximately 659 followers.
NAICS Classification of State Historical Society of North Dakota
State Historical Society of North Dakota is classified under the NAICS code 712, which corresponds to Museums, Historical Sites, and Similar Institutions.
State Historical Society of North Dakota’s Presence on Crunchbase
No, State Historical Society of North Dakota does not have a profile on Crunchbase.
State Historical Society of North Dakota’s Presence on LinkedIn
Yes, State Historical Society of North Dakota maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/state-historical-society-of-north-dakota.
Cybersecurity Incidents Involving State Historical Society of North Dakota
As of December 03, 2025, Rankiteo reports that State Historical Society of North Dakota has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
State Historical Society of North Dakota has an estimated 2,133 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at State Historical Society of North Dakota ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does State Historical Society of North Dakota detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with computer secured and removed from the state network..
Incident Details
Can you provide details on each incident ?
Title: Cybersecurity Attack on North Dakota Workforce Safety & Insurance
Description: A sophisticated phishing attack compromised personal data of injured employees.
Type: Phishing Attack
Attack Vector: Email Attachment
Vulnerability Exploited: Human error (opening malicious email attachment)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Attachment.
Impact of the Incidents
What was the impact of each incident ?
Incident : Phishing Attack NOR1916281022
Data Compromised: Personal information of 182 injured employees
Systems Affected: Single computer
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal information.
Which entities were affected by each incident ?
Incident : Phishing Attack NOR1916281022
Entity Name: North Dakota Workforce Safety & Insurance
Entity Type: Government Agency
Industry: Public Sector
Location: North Dakota
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Phishing Attack NOR1916281022
Incident Response Plan Activated: True
Containment Measures: Computer secured and removed from the state network
Data Breach Information
What type of data was compromised in each breach ?
Incident : Phishing Attack NOR1916281022
Type of Data Compromised: Personal information
Number of Records Exposed: 182
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by computer secured and removed from the state network and .
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Phishing Attack NOR1916281022
Investigation Status: Isolated to a single computer
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Phishing Attack NOR1916281022
Entry Point: Email Attachment
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Phishing Attack NOR1916281022
Root Causes: Human error (opening malicious email attachment)
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal information of 182 injured employees.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Single computer.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Computer secured and removed from the state network.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal information of 182 injured employees.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 182.0.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Isolated to a single computer.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Attachment.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=state-historical-society-of-north-dakota' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
