Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Asurion

Asurion Vendor Cyber Rating & Cyber Score

asurion.com

As the world’s leading tech care company, Asurion eliminates the fears and frustrations associated with technology, to ensure our 300 million customers get the most out of their devices, appliances and connections. We provide insurance, repair, replacement, installation and 24/7 support for everything from cellphones to laptops and household appliances. Our experts are available online, on the phone, at one of our more than 800 stores, or can even come to you.


Asurion A.I CyberSecurity Scoring

Asurion
Company Information
Website:http://www.asurion.com
Employees number:16,725
Number of followers:270,567
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:asurion.com
Asurion Risk Score (AI oriented)
Between 700 and 749
logo
AsurionIT Services and IT Consulting
Updated:
23/04/2026
749/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Asurion Global Score (TPRM)
xxxx
logo
AsurionIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Asurion
AsurionModerate
Current Score
749Ba (MODERATE)
01000
2 incidents
-14 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
751Before Incident
JUNE 2026
750Before Incident
MAY 2026
749Before Incident
APRIL 2026
763Before Incident
Cyber Attack
22 Apr 2026Asurion
Asurion, npm and GitHub: Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

New Supply Chain Worm Targets npm and PyPI, Stealing Developer Credentials

749After Incident
CRITICAL-14
GITNPMASU1776918263
New Supply Chain Worm Targets npm and PyPI, Stealing Developer Credentials Cybersecurity researchers from Socket and StepSecurity have uncovered a self-propagating supply chain worm, dubbed CanisterSprawl, that exploits compromised npm packages to steal developer credentials and spread malicious updates. The campaign, active in recent weeks, leverages an ICP canister for data exfiltration a tactic previously used by TeamPCP to evade takedowns. ### Affected Packages The following npm packages were found to contain malicious postinstall hooks that trigger the worm during installation: - `@automagik/genie` (v4.260421.33–4.260421.40) - `@fairwords/loopback-connector-es` (v1.4.3–1.4.4) - `@fairwords/websocket` (v1.0.38–1.0.39) - `@openwebconcept/design-tokens` (v1.0.1–1.0.3) - `@openwebconcept/theme-owc` (v1.0.1–1.0.3) - `pgserve` (v1.1.11–1.1.14) ### Attack Mechanics Once executed, the malware harvests sensitive data from developer environments, including: - npm tokens (used to publish poisoned package versions) - SSH keys, `.git-credentials`, and `.netrc` files - Cloud credentials (AWS, Google Cloud, Azure) - Kubernetes, Docker, Terraform, and Vault configurations - Local `.env` files and shell history - Browser-stored credentials (Chromium-based browsers) - Cryptocurrency wallet extensions Stolen data is exfiltrated to: - An HTTPS webhook (`telemetry.api-monitor[.]com`) - An ICP canister (`cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0[.]io`) The worm also includes PyPI propagation logic, generating malicious Python packages via Twine if credentials are present, effectively turning one compromised environment into multiple package infections. ### Additional Threats in Open-Source Ecosystems - Compromised PyPI Package: Versions 2.6.0–2.6.2 of the legitimate `xinference` package were altered to include a Base64-encoded payload, fetching a second-stage credential harvester. While the payload includes the marker "# hacked by teampcp," the group denied involvement, suggesting a copycat attack. - Fake Kubernetes Tools: Malicious npm (`kube-health-tools`) and PyPI (`kube-node-health`) packages disguised as Kubernetes utilities deploy a Go-based binary that sets up: - A SOCKS5 proxy - A reverse proxy - An SFTP server - An LLM proxy (routing requests to Chinese LLM APIs, enabling secret exfiltration and malicious payload injection). - Asurion-Themed npm Attack: Between April 1–8, 2026, threat actors published fake npm packages (`sbxapps`, `asurion-hub-web`, `soluto-home-web`, `asurion-core`) impersonating Asurion and its subsidiaries. Stolen credentials were first sent to a Slack webhook, then to an AWS API Gateway endpoint, later obfuscated with XOR encoding. - GitHub Actions Exploitation: A campaign dubbed prt-scan, active since March 11, 2026, abuses the `pull_request_target` GitHub Actions trigger to steal secrets. Attackers: - Fork repositories using the trigger - Inject malicious payloads into CI workflows - Open pull requests to trigger credential theft - Publish malicious npm packages if tokens are found While the campaign had a <10% success rate, most victims were small projects, though a few exposed cloud credentials and persistent API keys. ### Impact & Trends These incidents highlight the growing sophistication of supply chain attacks, with threat actors increasingly targeting npm, PyPI, and CI/CD pipelines to propagate malware. The use of resilient exfiltration methods (ICP canisters, obfuscated endpoints) and multi-stage credential theft underscores the need for heightened scrutiny in open-source dependency management.
INCIDENT DETAILS -
TYPE
Supply Chain AttackCredential TheftMalware Propagation
MOTIVATION
Credential theftData exfiltrationMalware propagation
IMPACT
npm tokensSSH keys.git-credentials.netrc filesCloud credentials (AWS, Google Cloud, Azure)Kubernetes/Docker/Terraform/Vault configurationsLocal .env filesShell historyBrowser-stored credentialsCryptocurrency wallet extensionsnpmPyPICI/CD pipelinesDeveloper environmentsCompromised package ecosystemsMalicious package propagationOpen-source ecosystem trust erosionHigh (stolen credentials)
DATA BREACH
CredentialsConfiguration filesBrowser dataCryptocurrency walletsSensitivity Of Data: High (developer and cloud credentials)HTTPS webhook (telemetry.api-monitor[.]com)ICP canister (cjn37-uyaaa-aaaac-qgnva-cai.raw.icp0[.]io).env.git-credentials.netrcSSH keys
MARCH 2026
763Before Incident
FEBRUARY 2026
762Before Incident
JANUARY 2026
762Before Incident
DECEMBER 2025
760Before Incident
NOVEMBER 2025
761Before Incident
OCTOBER 2025
761Before Incident
SEPTEMBER 2025
760Before Incident
AUGUST 2025
760Before Incident
AUGUST 2019
781Before Incident
Breach
01 Aug 2019Asurion
Asurion

Asurion Data Breach

700After Incident
CRITICAL-81
ASU11273423
Asurion suffered from a data breach incident which disclosed private info of 1000 employees and more than a million customers. The company confirmed the breach but said it believes the suspect took less information than he claimed. The hacker has more than 100 terabytes of Asurion's sensitive data including thousands of employee's social security numbers and banking information and over a million customer's names, addresses, phone numbers and account numbers. It was found that the corporation paid at least $300,000 in ransom to an extortionist who claimed he stole the private information.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Financial
IMPACT
Financial Loss: $300,000Social Security NumbersBanking InformationNamesAddressesPhone NumbersAccount Numbers
DATA BREACH
Social Security NumbersBanking InformationNamesAddressesPhone NumbersAccount Numbers1000 employeesMore than a million customersSensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Asurion ?
?
What was Asurion's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Asurion's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Asurion's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Asurion's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Asurion's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Asurion's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Asurion's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Asurion ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Asurion's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?