The Pacific Science Center experienced a data breach between **June 13, 2017, and June 21, 2017**, attributed to a **spear-phishing attack**. The incident, reported by the **Washington State Office of the Attorney General on July 10, 2017**, resulted in the compromise of **personal information** belonging to **605 Washington residents**. The exposed data included **names and Social Security numbers (SSNs)**, which are highly sensitive identifiers. Such information can be exploited for **identity theft, financial fraud, or targeted scams**, posing long-term risks to the affected individuals. The breach underscores vulnerabilities in the organization’s **email security protocols** and **employee awareness training**, as spear-phishing exploits human error to gain unauthorized access. While the breach did not involve ransomware or systemic operational disruption, the exposure of **SSNs** elevates the severity due to the potential for **prolonged harm to victims**, including credit damage and legal liabilities for the company. The incident also risks **reputational damage**, eroding public trust in the institution’s ability to safeguard personal data.
TPRM report: https://www.rankiteo.com/company/pacific-science-center
"id": "pac1018090725",
"linkid": "pacific-science-center",
"type": "Breach",
"date": "6/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 605,
'industry': 'Education / Science Museum',
'location': 'Seattle, Washington, USA',
'name': 'Pacific Science Center',
'type': 'Non-profit Organization'}],
'attack_vector': 'Spear Phishing',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 605,
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)']},
'date_detected': '2017-06-21',
'date_publicly_disclosed': '2017-07-10',
'description': 'The Washington State Office of the Attorney General reported '
'a data breach involving Pacific Science Center on July 10, '
'2017. The breach, which occurred from June 13, 2017, to June '
"21, 2017, was the result of a 'spear phishing' attack, "
'compromising personal information of approximately 605 '
'Washington residents including names and Social Security '
'numbers.',
'impact': {'data_compromised': ['Names', 'Social Security Numbers'],
'identity_theft_risk': 'High (SSNs compromised)'},
'initial_access_broker': {'entry_point': 'Spear Phishing Email'},
'investigation_status': 'Disclosed',
'post_incident_analysis': {'root_causes': 'Successful spear phishing attack '
'leading to unauthorized access to '
'PII'},
'references': [{'source': 'Washington State Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Washington State '
'Attorney General'},
'response': {'communication_strategy': 'Public disclosure via Washington '
'State Attorney General'},
'title': 'Pacific Science Center Data Breach (2017)',
'type': 'Data Breach'}