AmpUp
Company Details
Linkedin ID:
ampup-charging
Website:
Employees number:
59
Number of followers:
6,131
NAICS:
5112
Industry Type:
Homepage:
ampup.io
IP Addresses:
0
Company ID:
AMP_1513626
Scan Status:
In-progress
AmpUp Company CyberSecurity Posture
ampup.io
AmpUp makes EV charging simple, reliable, and ready wherever your people park. Our platform connects workplaces, communities, fleets, and public sites with charging that’s easy to manage and built to perform. Real-time controls, flexible access options, and 24/7 support come standard. For installers, AmpUp is easy to activate and even easier to oversee—no call centers, no delays. No matter where you’re starting, AmpUp fits right in. Compatible with 15+ trusted hardware brands, our platform makes it easy to launch at one site, or scale across many. ✓ 98.5% session success rate, 99.9% uptime. ✓ Easy activation, remote fixes, and full access control. ✓ Public, private, or paid charging options. ✓ Approved across 50+ utility incentive programs. ✓ We’re hiring! https://ampup.breezy.hr/
AmpUp A.I CyberSecurity Scoring
AmpUp Risk Score (AI oriented)Between 650 and 699
AmpUp
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AmpUp Global Score (TPRM)XXXX
AmpUp
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AmpUp Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
AmpUp and Inc.: DATA BREACH ALERT: Edelson Lechtzin LLP is Investigating Claims on Behalf of AmpUp, Inc. Customers Whose Data May Have Been Compromised
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: AmpUp Data Breach Exposes Personal Information in Stripe API Incident On October 25, 2025, AmpUp, Inc., a provider of electric vehicle charging management technology, detected unauthorized activity within its Stripe online payment system. The company launched an investigation, confirming that an unauthorized third party exploited AmpUp’s Stripe API key to conduct fraudulent financial transactions on the same day. As a result, sensitive personal data including names and other identifiers may have been accessed or exfiltrated. AmpUp, which serves commercial, workplace, fleet, and residential EV charging networks, has not disclosed the full scope of the breach or the number of affected individuals. The incident prompted Edelson Lechtzin LLP, a national class action law firm, to announce an investigation into potential legal claims on behalf of those impacted. The firm is exploring remedies for individuals whose data may have been compromised. The breach highlights risks associated with third-party payment integrations, particularly in sectors handling financial and personal data. Further details on the investigation or AmpUp’s response remain pending.
AmpUp Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AmpUp
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for AmpUp in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for AmpUp in 2026.
Incident Types AmpUp vs Software Development Industry Avg (This Year)
No incidents recorded for AmpUp in 2026.
Incident History — AmpUp (X = Date, Y = Severity)
AmpUp cyber incidents detection timeline including parent company and subsidiaries
AmpUp Company Subsidiaries
AmpUp makes EV charging simple, reliable, and ready wherever your people park. Our platform connects workplaces, communities, fleets, and public sites with charging that’s easy to manage and built to perform. Real-time controls, flexible access options, and 24/7 support come standard. For installers, AmpUp is easy to activate and even easier to oversee—no call centers, no delays. No matter where you’re starting, AmpUp fits right in. Compatible with 15+ trusted hardware brands, our platform makes it easy to launch at one site, or scale across many. ✓ 98.5% session success rate, 99.9% uptime. ✓ Easy activation, remote fixes, and full access control. ✓ Public, private, or paid charging options. ✓ Approved across 50+ utility incentive programs. ✓ We’re hiring! https://ampup.breezy.hr/
Loading...
AmpUp Similar Companies
Atlassian
Atlassian powers the collaboration that helps teams accomplish what would otherwise be impossible alone. From space missions and motor racing to bugs in code and IT requests, no task is too large or too small with the right team, the right tools, and the right practices. Over 300,000 global compa
KPIT
About KPIT KPIT is reimagining the future of mobility, forging ahead with group companies and partners to shape a world that is cleaner, smarter, and safer. With over 25 years of specialized expertise in Mobility, KPIT is accelerating the transformation towards Software and AI-Defined Vehicles thr
Cadence
Cadence is a market leader in AI and digital twins, pioneering the application of computational software to accelerate innovation in the engineering design of silicon to systems. Our design solutions, based on Cadence’s Intelligent System Design™ strategy, are essential for the world’s leading semic
Sage
At Sage, we knock down barriers with information, insights, and tools to help your business flow. We provide businesses with software and services that are simple and easy to use, as we work with you to give you that feeling of confidence. Customers trust our Payroll, HR, and Finance software to m
Databricks
Databricks is the Data and AI company. More than 20,000 organizations worldwide — including adidas, AT&T, Bayer, Block, Mastercard, Rivian, Unilever, and over 60% of the Fortune 500 — rely on Databricks to build and scale data and AI apps, analytics and agents. Headquartered in San Francisco with 30
Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiences––big and small, new and
DoorDash
At DoorDash, our mission to empower local economies shapes how our team members move quickly and always learn and reiterate to support merchants, Dashers and the communities we serve. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team membe
Shopify is a leading global commerce company, providing trusted tools to start, grow, market, and manage a retail business of any size. Shopify makes commerce better for everyone with a platform and services that are engineered for reliability, while delivering a better shopping experience for consu
GoTo is the largest technology group in Indonesia, combining on-demand and financial services through the Gojek and GoTo Financial brands. It is the first platform in Southeast Asia to host these two essential use cases in one ecosystem, capturing a majority of Indonesian consumer household expendit
.png)
AmpUp CyberSecurity News
December 19, 2025 08:00 AM
AmpUp launches EV charging pricing recommendation engine
AmpUp has released its new Pricing Recommendation Engine, a feature within the AmpUp EV Cloud charging platform designed to help EV charging...
October 07, 2025 07:00 AM
Smart cybersecurity strategies to stay one step ahead
With a title like chief executive optimist, you'd expect Aron Feuer to have a positive outlook on the growing threat hackers pose to...
May 09, 2025 07:00 AM
Govt asks RBI, NPCI, others to amp up cyber security amid widening conflict with Pakistan
The Centre has specifically asked these institutions to remain on high alert and bolster cybersecurity across core banking systems, payment...
May 09, 2025 07:00 AM
Cyber Alert: Govt Tells RBI, NPCI To Amp Up Security As Tensions Escalate
Govt asks RBI, banks, NPCI to boost cyber security amid India-Pak conflict to protect digital payments and financial systems.
June 26, 2024 07:00 AM
BlackBerry beats estimate for Q1 revenue on strong demand for cybersecurity services
Canada's BlackBerry , beat first-quarter revenue estimates on Wednesday, driven by a resilient demand for cybersecurity services in the wake...
July 18, 2023 07:00 AM
10 Best Cybersecurity Youtube Channels of 2023
Cybersecurity has become a paramount concern for individuals and organizations alike. With cyber threats evolving rapidly, staying informed...
July 06, 2023 07:00 AM
Banking customers urged to amp up security
Bank Windhoek's Manager of Forensic Services, Johnny Truter said that BEC is an advanced phishing scam that impersonates people, organisations, or entities the...
December 19, 2022 04:41 AM
OryxLabs | Top Cyber Security Solutions Company in Middle East-2022
OryxLabs, Cyber Security Middle East Solutions/Service Company, Abu Dhabi, UAE - OryxLabs: Driving Cyber Resilience via Advanced Digital Risk Protection...
November 05, 2022 07:00 AM
Cybersecurity startup HackersEra aims to secure the virtual environment
Founded in 2015, Pune-based cybersecurity startup HackersEra focuses on the automotive and telecom sectors. It has completed over 600...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AmpUp CyberSecurity History Information
Official Website of AmpUp
The official website of AmpUp is https://ampup.io.
AmpUp’s AI-Generated Cybersecurity Score
According to Rankiteo, AmpUp’s AI-generated cybersecurity score is 690, reflecting their Weak security posture.
How many security badges does AmpUp’ have ?
According to Rankiteo, AmpUp currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has AmpUp been affected by any supply chain cyber incidents ?
According to Rankiteo, AmpUp has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does AmpUp have SOC 2 Type 1 certification ?
According to Rankiteo, AmpUp is not certified under SOC 2 Type 1.
Does AmpUp have SOC 2 Type 2 certification ?
According to Rankiteo, AmpUp does not hold a SOC 2 Type 2 certification.
Does AmpUp comply with GDPR ?
According to Rankiteo, AmpUp is not listed as GDPR compliant.
Does AmpUp have PCI DSS certification ?
According to Rankiteo, AmpUp does not currently maintain PCI DSS compliance.
Does AmpUp comply with HIPAA ?
According to Rankiteo, AmpUp is not compliant with HIPAA regulations.
Does AmpUp have ISO 27001 certification ?
According to Rankiteo,AmpUp is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of AmpUp
AmpUp operates primarily in the Software Development industry.
Number of Employees at AmpUp
AmpUp employs approximately 59 people worldwide.
Subsidiaries Owned by AmpUp
AmpUp presently has no subsidiaries across any sectors.
AmpUp’s LinkedIn Followers
AmpUp’s official LinkedIn profile has approximately 6,131 followers.
NAICS Classification of AmpUp
AmpUp is classified under the NAICS code 5112, which corresponds to Software Publishers.
AmpUp’s Presence on Crunchbase
No, AmpUp does not have a profile on Crunchbase.
AmpUp’s Presence on LinkedIn
Yes, AmpUp maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ampup-charging.
Cybersecurity Incidents Involving AmpUp
As of January 24, 2026, Rankiteo reports that AmpUp has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
AmpUp has an estimated 28,180 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at AmpUp ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does AmpUp detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with data breach notification..
Incident Details
Can you provide details on each incident ?
Title: AmpUp Stripe API Data Breach
Description: AmpUp identified unauthorized activity involving its Stripe online payment system. An unauthorized third party used AmpUp’s Stripe API key to carry out fraudulent financial transactions, potentially accessing or obtaining certain personal information, including names and other personal identifiers.
Date Detected: 2025-10-25
Date Publicly Disclosed: 2025-12-23
Type: Data Breach
Attack Vector: API Key Compromise
Vulnerability Exploited: Unauthorized use of Stripe API key
Threat Actor: Unauthorized third party
Motivation: Financial fraud
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Stripe API key.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach AMP1766541276
Data Compromised: Names and other personal identifiers
Systems Affected: Stripe online payment system
Legal Liabilities: Potential class action lawsuit
Identity Theft Risk: Yes
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal information.
Which entities were affected by each incident ?
Incident : Data Breach AMP1766541276
Entity Name: AmpUp, Inc.
Entity Type: Company
Industry: Electric Vehicle Charging Technology
Location: United States
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach AMP1766541276
Communication Strategy: Data breach notification
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach AMP1766541276
Type of Data Compromised: Personal information
Sensitivity of Data: Names and other personal identifiers
Personally Identifiable Information: Yes
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach AMP1766541276
Legal Actions: Class action lawsuit investigation
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit investigation.
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : Data Breach AMP1766541276
Recommendations: Review account statements and monitor credit reports for suspicious activity
What recommendations has the company implemented to improve cybersecurity ?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Review account statements and monitor credit reports for suspicious activity.
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Globe NewswireDate Accessed: 2025-12-23.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach AMP1766541276
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Data breach notification.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach AMP1766541276
Customer Advisories: Data breach notification with steps to protect personal data
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Data breach notification with steps to protect personal data.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach AMP1766541276
Entry Point: Stripe API key
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach AMP1766541276
Root Causes: Unauthorized use of Stripe API key
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized third party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-10-25.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-12-23.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Names and other personal identifiers.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Names and other personal identifiers.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit investigation.
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Review account statements and monitor credit reports for suspicious activity.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Globe Newswire.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Data breach notification with steps to protect personal data.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Stripe API key.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=ampup-charging' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
