What happened? 

An unauthorized third party accessed a small number of Clackamas Community College computer systems and encrypted files on the network. In response, Clackamas launched an investigation in consultation with federal law enforcement and outside experts specializing in cybersecurity incidents. 

The investigation has determined that some files from the Clackamas data server were copied during the incident. CCC reviewed the files and is notifying individuals whose personal information was included in the files. 

Who did this?  

This incident was perpetrated by an unauthorized third party that accessed the CCC computer network. We do not know the identity of the individual or individuals responsible for this incident.   

Did you notify law enforcement? 

Yes, CCC immediately notified law enforcement and worked collaboratively on the investigation. The FBI recently announced that law enforcement has disrupted the operations of the threat actor group responsible for the incident at the college.

Why was I notified? 

Clackamas takes the privacy and confidentiality of the information in its control seriously. If you receive a notification letter in the mail from CCC, it is likely because the investigation found that your personal information was contained in one of the copied files.  

When did you learn about this?

The incident was discovered on Jan. 19, 2024, but we did not learn that your information was potentially involved until Feb. 29, 2024. Once it was determined which individuals’ personal information was involved, CCC worked to locate addresses and mail notification letters to individuals as quickly as possible. 

Why wasn’t I contacted sooner?

CCC recently completed its review of the files. Data reviews of this nature take some time to complete when done right. We are notifying individuals as quickly as possible. 

What specific information of mine may have been compromised? 

CCC is not aware of any fraud or identity theft to any individual as a result of this incident.  Nevertheless, as part of its investigation, we searched for any personal information that could have been viewed as a result of the incident. Based on its investigation, the third party may have accessed and acquired the information identified in your specific notification letter.

Are the rest of Clackamas Community College’s systems secure? 

Yes. The incident only involved access to a small number of systems on the college’s network. We engaged third-party experts to review our systems and confirm that the incident was contained. We are continuing to explore additional improvements to continue to harden its network and have not identified any evidence of ongoing unauthorized access to its network. 

I did not receive a notice. Why did only some people receive notices about the incident? 

Based on its investigation, CCC determined that the incident only involved a limited number of individuals’ personal information. 

Will this affect my service/education at Clackamas Community College? 


How many people were affected?

The college’s investigation did not find any evidence of fraud or identity theft to any individual; however, because the unauthorized third party took files from the college’s environment, we are notifying any individual whose information was contained in one of the relevant files.  

Why was my personal information contained on CCC’s systems?

CCC stores personal information for various reasons, including human resource functions, student administration and finance purposes. The servers involved in this incident were generally used by CCC administration, students and faculty for general file storage.

What are you going to do to prevent this from happening again? 

The security of personal information is of the utmost importance to Clackamas Community College. Clackamas had security measures in place before this incident, and it will continue to take reasonable steps to enhance the security of its systems to safeguard personal information. 

Is there anything else I should do to protect myself? 

We understand the situation may be a cause for concern. As a general precaution, we recommend you regularly monitor your financial statements and credit reports. If you detect any suspected incidents of fraud or identity theft, we recommend that you immediately report them to the financial institution that holds that account and to local law enforcement. 

You may consider the following best practices to help protect your information:


Equifax Security Freeze



P.O. Box 105788

Atlanta, GA 30348

Experian Security Freeze 



P.O. Box 9554

Allen, TX 75013

TransUnion Security Freeze



P.O. Box 160

Woodlyn, PA 19094


How will I know if my information was used by someone else? 

The Federal Trade Commission has published tips for people on protecting their identity. These tips include warning signs of identity theft and can be found on the FTC website at www.ftc.gov/idtheft