SO
Company Details
Linkedin ID:
state-of-oregon
Website:
Employees number:
10,454
Number of followers:
44,817
NAICS:
92
Industry Type:
Homepage:
oregon.gov
IP Addresses:
0
Company ID:
STA_3243538
Scan Status:
In-progress
State of Oregon Company CyberSecurity Posture
oregon.gov
Official LinkedIn page for the state of Oregon. Oregon is a state in the Pacific Northwest region of the United States. It is located on the Pacific coast, with Washington to the north, California to the south, Nevada on the southeast and Idaho to the east. The Columbia and Snake rivers delineate much of Oregon's northern and eastern boundaries, respectively. The area was inhabited by many indigenous tribes before the arrival of traders, explorers, and settlers who formed an autonomous government in Oregon Country in 1843. The Oregon Territory was created in 1848, and Oregon became the 33rd state on February 14, 1859.
State of Oregon A.I CyberSecurity Scoring
SO Risk Score (AI oriented)Between 750 and 799
SO
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SO Global Score (TPRM)XXXX
SO
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SO Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Oregon Department of Transportation
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Millions of drivers and car owners had their personal information taken as a result of the MOVEit breach, including the departments of motor vehicles in Louisiana and Oregon. The company was hacked, exposing information from an estimated 3.5 million identity cards and driver's licences. Given that many people's personal information was exposed to potential unscrupulous actors, the Oregon DMV data breach could be risky for them. As of right now, there is no evidence that the MOVEit hacker group sold, exchanged, or publicly publicised the OMV information they stole.
Oregon Department of Transportation
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The MOVEit Transfer file transfer platform, created by Progress Software Corporation, was the subject of a recent, major hacking effort by the Cl0p ransomware group, according to alarming information disclosed by cybersecurity firm Emsisoft. The analysts estimate that 60,144,069 people and about 1,000 organisations were affected by the attacks. The Cl0p group's leak site, state breach reports, SEC filings, and other public disclosures are the sources of the data. The attacks affected tens of millions of people, according to the experts. Maximus, Pôle emploi, Louisiana Office of Motor Vehicles, Colorado Department of Health Care Policy and Financing, Oregon Department of Transportation, Teachers Insurance and Annuity Association of America, Genworth, PH Tech, and Milliman Solutions are the organisations with the greatest number of affected persons.
SO Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SO
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for State of Oregon in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for State of Oregon in 2025.
Incident Types SO vs Government Administration Industry Avg (This Year)
No incidents recorded for State of Oregon in 2025.
Incident History — SO (X = Date, Y = Severity)
SO cyber incidents detection timeline including parent company and subsidiaries
SO Company Subsidiaries
Official LinkedIn page for the state of Oregon. Oregon is a state in the Pacific Northwest region of the United States. It is located on the Pacific coast, with Washington to the north, California to the south, Nevada on the southeast and Idaho to the east. The Columbia and Snake rivers delineate much of Oregon's northern and eastern boundaries, respectively. The area was inhabited by many indigenous tribes before the arrival of traders, explorers, and settlers who formed an autonomous government in Oregon Country in 1843. The Oregon Territory was created in 1848, and Oregon became the 33rd state on February 14, 1859.
Loading...
SO Similar Companies
Ontario Government | Gouvernement de l’Ontario
Ontario Government | Gouvernement de l’Ontario The Ontario Government works to serve the public interest and uphold the public trust by providing Ministers with objective advice and expert guidance. The Ontario Public Service carries out the decisions and policies of the elected government with int
Vlaamse overheid
Bij de Vlaamse overheid geef je elke dag opnieuw het beste van jezelf, in een job die een verschil maakt in de maatschappij. Pas afgestudeerd of al een aantal jaren professionele ervaring achter de rug? Op zoek naar een job als arbeider, bediende, leidinggevende, administratief medewerker, ingenie
County of Santa Clara
The County of Santa Clara is located at the southern end of the San Francisco Bay and encompasses 1,312 square miles. It has one of the highest median family incomes in the country, and a wide diversity of cultures, backgrounds and talents. The County of Santa Clara continues to attract people fro
Ville de Montréal
Montréal est la plus grande ville francophone d’Amérique et elle se distingue par sa vitalité culturelle exceptionnelle et des forces créatrices reconnues mondialement. Elle se développe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans économique, culturel
State of Michigan
Every day the contributions and achievements of State of Michigan employees have a direct impact on over 10 million Michiganders across the state. If you're looking for a fulfilling career in state government that can make a real difference in the lives of others, you can find your place working wit
Social Security Administration
Social Security provides financial protection for our nation’s people, supporting more than 64 million individuals and families. With retirement, disability, and survivors benefits, Social Security is one of the most successful anti-poverty programs in our nation's history. We are there throughout
FEMA
Welcome to the official LinkedIn page for the Federal Emergency Management Agency (FEMA). When disaster strikes, America looks to FEMA to support survivors and first responders in communities all across the country. This page provides career related information, job announcements and relevant updat
South African Revenue Service (SARS)
Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation
The Singapore Public Service
The Singapore Public Service works with the elected Government and Singaporeans to forge a common vision of Singapore’s future and bring it into reality. We take pride in living out our values of integrity, service and excellence. Follow us for stories on how our public officers are contributing
.png)
SO CyberSecurity News
November 19, 2025 08:00 AM
A dangerous tipping point? Anthropic’s AI hacking claims divide experts
Startup's announcement of world's first AI-led hacking campaign prompts both alarm and scepticism among experts.
October 20, 2025 07:00 AM
Cybersecurity Awareness Month Focus Areas for State and Local Government
State and local agencies nationwide are marking Cybersecurity Awareness Month. Oregon and Colorado are leaning into the National...
October 07, 2025 07:00 AM
US Data Privacy Guide
In 2019, the US data privacy framework changed significantly with the emergence of the California Consumer Privacy Act which created a...
October 01, 2025 07:00 AM
Oregon promotes Core 4 practices for online safety during Cybersecurity Awareness Month
Enterprise Information Services (EIS) and the state of Oregon this week announced their participation in Cybersecurity Awareness Month this...
September 29, 2025 07:00 AM
These 2 states are spearheading K12 cybersecurity legislation
As cybersecurity threats ramp up in complexity and frequency, these five states are addressing these challenges through targeted legislation...
September 05, 2025 07:00 AM
University of Oregon Investigates Student Who Found Cybersecurity Flaws
After a physics student reported being able to access confidential information, the university accused him of violating policies on...
September 03, 2025 07:00 AM
New report highlights five states stepping up K-12 cyber
Arkansas, Massachusetts, Oregon, Pennsylvania and Texas are introducing and passing legislation that other states could learn from,...
August 26, 2025 07:00 AM
MS-ISAC Report Notes Protective State Cybersecurity Models
Case studies in the Multi-State Information Sharing and Analysis Center's latest report show how states are extending cyber protections...
August 21, 2025 07:00 AM
College of Information Sciences and Technology welcomes 11 new faculty members
The Penn State College of Information Sciences and Technology welcomed 11 new faculty members in July. They represent the college's three...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SO CyberSecurity History Information
Official Website of State of Oregon
The official website of State of Oregon is http://www.oregon.gov/.
State of Oregon’s AI-Generated Cybersecurity Score
According to Rankiteo, State of Oregon’s AI-generated cybersecurity score is 776, reflecting their Fair security posture.
How many security badges does State of Oregon’ have ?
According to Rankiteo, State of Oregon currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does State of Oregon have SOC 2 Type 1 certification ?
According to Rankiteo, State of Oregon is not certified under SOC 2 Type 1.
Does State of Oregon have SOC 2 Type 2 certification ?
According to Rankiteo, State of Oregon does not hold a SOC 2 Type 2 certification.
Does State of Oregon comply with GDPR ?
According to Rankiteo, State of Oregon is not listed as GDPR compliant.
Does State of Oregon have PCI DSS certification ?
According to Rankiteo, State of Oregon does not currently maintain PCI DSS compliance.
Does State of Oregon comply with HIPAA ?
According to Rankiteo, State of Oregon is not compliant with HIPAA regulations.
Does State of Oregon have ISO 27001 certification ?
According to Rankiteo,State of Oregon is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of State of Oregon
State of Oregon operates primarily in the Government Administration industry.
Number of Employees at State of Oregon
State of Oregon employs approximately 10,454 people worldwide.
Subsidiaries Owned by State of Oregon
State of Oregon presently has no subsidiaries across any sectors.
State of Oregon’s LinkedIn Followers
State of Oregon’s official LinkedIn profile has approximately 44,817 followers.
NAICS Classification of State of Oregon
State of Oregon is classified under the NAICS code 92, which corresponds to Public Administration.
State of Oregon’s Presence on Crunchbase
Yes, State of Oregon has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/oregon-department-of-environmental-quality.
State of Oregon’s Presence on LinkedIn
Yes, State of Oregon maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/state-of-oregon.
Cybersecurity Incidents Involving State of Oregon
As of December 19, 2025, Rankiteo reports that State of Oregon has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
State of Oregon has an estimated 11,745 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at State of Oregon ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
Incident Details
Can you provide details on each incident ?
Title: MOVEit Data Breach
Description: Millions of drivers and car owners had their personal information taken as a result of the MOVEit breach, including the departments of motor vehicles in Louisiana and Oregon. The company was hacked, exposing information from an estimated 3.5 million identity cards and driver's licences. Given that many people's personal information was exposed to potential unscrupulous actors, the Oregon DMV data breach could be risky for them. As of right now, there is no evidence that the MOVEit hacker group sold, exchanged, or publicly publicised the OMV information they stole.
Type: Data Breach
Threat Actor: MOVEit hacker group
Title: MOVEit Transfer Platform Hack by Cl0p Ransomware Group
Description: The MOVEit Transfer file transfer platform, created by Progress Software Corporation, was the subject of a recent, major hacking effort by the Cl0p ransomware group.
Type: Ransomware
Threat Actor: Cl0p ransomware group
Motivation: Data exfiltration and ransom
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ORE61425623
Data Compromised: Personal information, Identity cards, Driver's licences
Identity Theft Risk: High
Incident : Ransomware ORE45181223
Data Compromised: 60,144,069 people
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Identity Cards, Driver'S Licences and .
Which entities were affected by each incident ?
Incident : Data Breach ORE61425623
Entity Name: Department of Motor Vehicles, Louisiana
Entity Type: Government
Industry: Public Sector
Location: Louisiana
Incident : Data Breach ORE61425623
Entity Name: Department of Motor Vehicles, Oregon
Entity Type: Government
Industry: Public Sector
Location: Oregon
Incident : Ransomware ORE45181223
Entity Name: Progress Software Corporation
Entity Type: Corporation
Industry: Software
Customers Affected: 60,144,069 people and about 1,000 organisations
Incident : Ransomware ORE45181223
Entity Name: Louisiana Office of Motor Vehicles
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Colorado Department of Health Care Policy and Financing
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Oregon Department of Transportation
Entity Type: Government
Incident : Ransomware ORE45181223
Entity Name: Teachers Insurance and Annuity Association of America
Entity Type: Organization
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ORE61425623
Type of Data Compromised: Personal information, Identity cards, Driver's licences
Number of Records Exposed: 3.5 million
Sensitivity of Data: High
Incident : Ransomware ORE45181223
Number of Records Exposed: 60,144,069
Ransomware Information
Was ransomware involved in any of the incidents ?
References
Where can I find more information about each incident ?
Incident : Ransomware ORE45181223
Source: Emsisoft
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Emsisoft.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an MOVEit hacker group and Cl0p ransomware group.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal information, identity cards, driver's licences, , 60,144 and069 people.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 60,144,069 people, personal information, driver's licences and identity cards.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 63.6M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Emsisoft.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Risk Information
cvss3
Base: 4.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=state-of-oregon' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
