Comparison Overview

TDS®

VS

DrayTek Corp.

TDS®

8401 Greenway Boulevard, Suite 230, Middleton, WI, US, 53562
Last Update: 2026-01-12
View Profile
Between 750 and 799
http://www.tdsinc.com

Telephone and Data Systems (TDS) provides wireless products and services; cable and wireline broadband, TV and voice services to approximately 5.5 million customers nationwide. The TDS companies share a strong commitment to customer satisfaction by offering the highest-quality services and products and excellent customer support. UScellular® UScellular, headquartered in Chicago, IL, provides a comprehensive range of wireless services and products, excellent customer support, and a high-quality network to 5 million customers nationwide. UScellular is traded on the New York Stock Exchange under USM. TDS Telecommunications Corp.® TDS Telecommunications Corp., headquartered in Madison, WI, provides high-speed Internet, phone and TV entertainment services, as well as VoIP business solutions, to customers in rural, suburban and metropolitan communities nationwide. Suttle-Straus® Suttle-Straus provides comprehensive marketing solutions including creative design, mailing, fulfillment, distribution, displays, signage, promotional products, conventional and digital printing.

NAICS: 517
NAICS Definition: Telecommunications
Employees: 3,529
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

DrayTek Corp.

No.26, Fushing Road, HuKou,, HsinChu Industrial Park, HsinChu, Taiwan, TW, 303
Last Update: 2026-01-14
Between 750 and 799
http://www.draytek.com

DrayTek is listed by Broadband Communities in the USA as one of Top 100 MDU Technology Providers Top 100 MDU Technology Providers : DrayTek is one of them Link of Page http://bbcmag.epubxp.com/i/416055/48 [page 41, 43] DrayTek Unified Management ranges from VigorACS SI Central Management, Central VPN Management, to Central AP Management for managed service providers, resellers, system integrators, and Telcos to massively deploy Vigor SMB routers which are equipped with xDSL/FTTx/Gigabit Ethernet/USB WAN ports as well as LTE WAN. In the era of O2O and Internet of Thing (IoT), DrayTek can provide security for professionals, business offices, hospitalities via the robust firewall and VPN connections. The managed service providers can deploy Vigor SMB routers for those who subscribe broadband and require stable connection. Many companies can easily install Vigor routers because system integrators or resellers utilize VigorACS SI Central Management to monitor connections and proceed firmware upgrade and VPN establishment. The multi-national companies can adopt Vigor routers for multi-site business operations through cloud-based VigorACS SI Central Management or Central VPN Management. The Central AP Management facilitates the massive deployment of VigorAP wireless access points. DrayTek does not only develop latest ICT solutions but also offer customer-oriented services to customers. We established channel partners with profound management in order to assure customers with better services and solutions. We served customers with quality routers with highly-integrated features such as SSL VPN, QoS, bandwidth management, user management and content-security management (CSM). With the ITU announcement of G.Fast, we will keep path of developing solutions for managed service providers/Telcos to deploy FTTx with least cost but best quality. Welcome your deployment! Further queries/contact : [email protected] /[email protected]

NAICS: 517
NAICS Definition: Telecommunications
Employees: 95
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/-tds-.jpeg
TDS®
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/draytek-corp-.jpeg
DrayTek Corp.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
TDS®
100%
Compliance Rate
0/4 Standards Verified
DrayTek Corp.
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Telecommunications Industry Average (This Year)

No incidents recorded for TDS® in 2026.

Incidents vs Telecommunications Industry Average (This Year)

No incidents recorded for DrayTek Corp. in 2026.

Incident History — TDS® (X = Date, Y = Severity)

TDS® cyber incidents detection timeline including parent company and subsidiaries

Incident History — DrayTek Corp. (X = Date, Y = Severity)

DrayTek Corp. cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/-tds-.jpeg
TDS®
Incidents

Date Detected: 1/2021
Type:Breach
Attack Vector: External System Breach (Hacking)
Blog: Blog
https://images.rankiteo.com/companyimages/draytek-corp-.jpeg
DrayTek Corp.
Incidents

Date Detected: 6/2025
Type:Vulnerability
Attack Vector: Network, Unauthenticated Remote Access, Crafted HTTP/HTTPS Requests
Blog: Blog

FAQ

TDS® company demonstrates a stronger AI Cybersecurity Score compared to DrayTek Corp. company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

TDS® and DrayTek Corp. have experienced a similar number of publicly disclosed cyber incidents.

In the current year, DrayTek Corp. company and TDS® company have not reported any cyber incidents.

Neither DrayTek Corp. company nor TDS® company has reported experiencing a ransomware attack publicly.

TDS® company has disclosed at least one data breach, while the other DrayTek Corp. company has not reported such incidents publicly.

Neither DrayTek Corp. company nor TDS® company has reported experiencing targeted cyberattacks publicly.

DrayTek Corp. company has disclosed at least one vulnerability, while TDS® company has not reported such incidents publicly.

Neither TDS® nor DrayTek Corp. holds any compliance certifications.

Neither company holds any compliance certifications.

DrayTek Corp. company has more subsidiaries worldwide compared to TDS® company.

TDS® company employs more people globally than DrayTek Corp. company, reflecting its scale as a Telecommunications.

Neither TDS® nor DrayTek Corp. holds SOC 2 Type 1 certification.

Neither TDS® nor DrayTek Corp. holds SOC 2 Type 2 certification.

Neither TDS® nor DrayTek Corp. holds ISO 27001 certification.

Neither TDS® nor DrayTek Corp. holds PCI DSS certification.

Neither TDS® nor DrayTek Corp. holds HIPAA certification.

Neither TDS® nor DrayTek Corp. holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these exceptions, Gradle would continue to the next repository in the list and potentially resolve dependencies from a different repository. An exception like NoHttpResponseException can indicate transient errors. If the errors persist after a maximum number of retries, Gradle would continue to the next repository. This behavior could allow an attacker to disrupt the service of a repository and leverage another repository to serve malicious artifacts. This attack requires the attacker to have control over a repository after the disrupted repository. Gradle has introduced a change in behavior in Gradle 9.3.0 to stop searching other repositories when encountering these errors.

Published
Date
2026-01-16
Updated
Date
2026-01-16
Risk Information
cvss4
Base: 8.6
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these exceptions, Gradle would continue to the next repository in the list and potentially resolve dependencies from a different repository. If a Gradle build used an unresolvable host name, Gradle would continue to work as long as all dependencies could be resolved from another repository. An unresolvable host name could be caused by allowing a repository's domain name registration to lapse or typo-ing the real domain name. This behavior could allow an attacker to register a service under the host name used by the build and serve malicious artifacts. The attack requires the repository to be listed before others in the build configuration. Gradle has introduced a change in behavior in Gradle 9.3.0 to stop searching other repositories when encountering these errors.

Published
Date
2026-01-16
Updated
Date
2026-01-16
Risk Information
cvss4
Base: 8.6
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

node-tar is a Tar for Node.js. The node-tar library (<= 7.5.2) fails to sanitize the linkpath of Link (hardlink) and SymbolicLink entries when preservePaths is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to Arbitrary File Overwrite via hardlinks and Symlink Poisoning via absolute symlink targets. This vulnerability is fixed in 7.5.3.

Published
Date
2026-01-16
Updated
Date
2026-01-16
Risk Information
cvss4
Base: 8.2
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged update commands as LocalSystem. This allows a non‑administrator to enable or disable Windows Virtualization‑Based Security (VBS) by modifying protected system registry keys under HKLM\SYSTEM\CurrentControlSet\Control\DeviceGuard. Disabling VBS weakens critical platform protections such as Credential Guard, Hypervisor‑protected Code Integrity (HVCI), and the Secure Kernel, resulting in a security feature bypass.

Published
Date
2026-01-16
Updated
Date
2026-01-16
Risk Information
cvss3
Base: 5.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
References
Description

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

Published
Date
2026-01-16
Updated
Date
2026-01-16
Risk Information
cvss3
Base: 8.0
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
References