Lewis & Clark

Lewis & Clark College, also known historically as Lewis & Clark Community College, is a higher education institution based in the United States of America. The organization's primary function is to provide educational programs and services, though specific academic offerings and student demographics are not detailed in the available information. Its operational scope is defined by its campus-based activities and digital systems supporting students, faculty, and staff. The college's identity has been significantly shaped by two major cybersecurity incidents that targeted its network infrastructure. In March 2023, the institution suffered a ransomware attack attributed to a group focusing on the education sector. This breach resulted in unauthorized access to data stored on the LC Files system, leading to the theft of sensitive personal information including passport details and social security numbers. The attackers subsequently published portions of this stolen data on the dark web. The college's response involved engaging external forensic experts, restoring systems from backups without yielding to ransom demands, and confirming that core administrative platforms like Workday, Colleague, and Nelnet remained secure. The incident's full data impact scope was still under forensic assessment at the time of reporting, and the college proactively provided credit monitoring and identity restoration services to affected current and former community members, with some employees experiencing subsequent fraudulent tax filings.

A prior ransomware incident occurred in November 2021, which forced the shutdown of all campuses and the cancellation of extracurricular activities, including sports. Suspicious network activity was detected, prompting the IT director to disable systems. While hackers successfully infiltrated the network, institutional leadership confirmed they did not obtain control over it. The timing of this attack, just before a holiday period, potentially complicated response efforts due to reduced staffing. These successive security events have driven the implementation of enhanced protective measures, most notably the introduction of multi-factor authentication for VPN access. The college's experience underscores the persistent targeting of educational entities by ransomware operators and its documented responses—including refusal to pay ransoms, reliance on backups, and offering identity protection services—constitute its most clearly established operational and strategic attributes in the available record. No explicit information is provided regarding the college's precise size, ownership structure, parent or subsidiary relationships, or other distinguishing specializations beyond its response to these cyber incidents.