Beverly Hospital Company CyberSecurity Posture
http://www.beverlyhospital.org
Beverly Hospital, part of Beth Israel Lahey Health, is a full service, community hospital providing quality, patient-centered care to North Shore and Cape Ann residents. Services include maternity, pediatrics, surgical, orthopedics, cardiology, rehabilitation as well as other specialties. The hospital boasts a medical staff of more than 600 physicians and its service area includes 13 communities. Addison Gilbert Hospital is a full-service, 79-bed medical acute care facility located in Gloucester, Massachusetts. The hospital was founded in 1889 and to this day provides state-of-the-art inpatient and outpatient care to residents of the Cape Ann community. Beverly and Addison Gilbert Hospitals are a member of Lahey Health.
Company Details
beverly-hospital
1,447
8,807
62
http://www.beverlyhospital.org
0
BEV_1822318
In-progress
Beverly Hospital Risk Score (AI oriented)Between 750 and 799
Beverly Hospital Global Score (TPRM)XXXX
Description: Beverly Hospital suffered a data leak after it lost a courier lab request forms for 54 patients that included names, health insurance identification numbers and, in some cases, Social Security numbers. The courier misplaced the forms, which were in a zippered bag along with other records.
No incidents recorded for Beverly Hospital in 2025.
No incidents recorded for Beverly Hospital in 2025.
No incidents recorded for Beverly Hospital in 2025.
Beverly Hospital cyber incidents detection timeline including parent company and subsidiaries
Beverly Hospital, part of Beth Israel Lahey Health, is a full service, community hospital providing quality, patient-centered care to North Shore and Cape Ann residents. Services include maternity, pediatrics, surgical, orthopedics, cardiology, rehabilitation as well as other specialties. The hospital boasts a medical staff of more than 600 physicians and its service area includes 13 communities. Addison Gilbert Hospital is a full-service, 79-bed medical acute care facility located in Gloucester, Massachusetts. The hospital was founded in 1889 and to this day provides state-of-the-art inpatient and outpatient care to residents of the Cape Ann community. Beverly and Addison Gilbert Hospitals are a member of Lahey Health.
UPMC is a world-renowned, nonprofit health care provider and insurer committed to delivering exceptional, people-centered care and community services. Headquartered in Pittsburgh and affiliated with the University of Pittsburgh Schools of the Health Sciences, UPMC is shaping the future of health thr
OhioHealth is a nationally recognized, not-for-profit, faith-based health system of more than 35,000 associates, providers and volunteers. We lead with our mission to improve the health of those we serve throughout our 16 hospitals and 200+ urgent, primary and specialty care sites spanning 50 Ohio c
A world-leading integrated healthcare provider, IHH believes that making a difference starts with our aspiration to Care. For Good. Our team of 65,000 people commit to deliver greater good to our patients, people, the public and our planet, as we live our purpose each day to touch lives and trans
LUX MED - leader and trustworthy expert We care for the health of the patients professionally and with engagement, we have been developing our business for over 20 years. Today we are the leader and expert on the private healthcare market. We take under our care both individual patients and corpo
Fresenius Medical Care is the world’s leading provider of products and services for individuals with renal diseases. We aim to create a future worth living for chronically and critically ill patients – worldwide and every day. Thanks to our decades of experience in dialysis, our innovative research
American Medical Response, America’s leading provider of medical transportation, has a single mission: making a difference by caring for people in need. AMR solutions include 911 emergency, interfacility transportation, event medical, advanced & basic life support transports and federal disaster res
Mercy, one of the 15 largest U.S. health systems and named the top large system in the U.S. for excellent patient experience by NRC Health, serves millions annually with nationally recognized care and one of the nation’s largest and highest performing Accountable Care Organizations in quality and co
Rochester Regional Health, headquartered in Rochester, NY, is an integrated health services organization serving the people of Western New York, the Finger Lakes, St. Lawrence County, and beyond. We are dedicated to helping our community stay healthy and live fulfilling lives. Together, we find the
Access Healthcare provides business process outsourcing, application services, and robotic process automation tools to hospitals, health systems, providers, payers, and related service providers. We operate from 20 delivery centers across nine cities in the US, India, and the Philippines, and our 2
.png)
See the latest announcement from the Portsmouth Public Library.
This fall in Beverly, MA, homeowners should prepare for a season that trends cooler and drier than usual in the autumn months.
One of the teenagers hurt in a car crash on Route 128 in Gloucester early Monday morning is not expected to recover from his injuries, his father said in a...
One person is dead and another is hospitalized after a small plane crashed in the street near an airport on the North Shore of Massachusetts on Thursday...
In Beverly, MA, Axcelis Technologies, Inc. recently celebrated the grand opening of its new Axcelis Logistics Center.
A growing number of hospital operators across the country are in financial distress or have declared bankruptcy under the pressure of labor shortages and high...
Beverly Hospital near Los Angeles tried and failed for years to sell itself. It turned the corner when it filed for bankruptcy.
Aug. 26—BEVERLY — Former patients of the North Shore Birth Center on Thursday accused hospital officials of casting them aside in the middle...
Ettain Group, a national provider of recruitment and managed solutions, has acquired Centerline Partners, a Beverly, MA-based management consulting firm.
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Beverly Hospital is http://www.beverlyhospital.org.
According to Rankiteo, Beverly Hospital’s AI-generated cybersecurity score is 762, reflecting their Fair security posture.
According to Rankiteo, Beverly Hospital currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Beverly Hospital is not certified under SOC 2 Type 1.
According to Rankiteo, Beverly Hospital does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Beverly Hospital is not listed as GDPR compliant.
According to Rankiteo, Beverly Hospital does not currently maintain PCI DSS compliance.
According to Rankiteo, Beverly Hospital is not compliant with HIPAA regulations.
According to Rankiteo,Beverly Hospital is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Beverly Hospital operates primarily in the Hospitals and Health Care industry.
Beverly Hospital employs approximately 1,447 people worldwide.
Beverly Hospital presently has no subsidiaries across any sectors.
Beverly Hospital’s official LinkedIn profile has approximately 8,807 followers.
Beverly Hospital is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
No, Beverly Hospital does not have a profile on Crunchbase.
Yes, Beverly Hospital maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/beverly-hospital.
As of November 27, 2025, Rankiteo reports that Beverly Hospital has experienced 1 cybersecurity incidents.
Beverly Hospital has an estimated 30,007 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Title: Beverly Hospital Data Leak
Description: Beverly Hospital suffered a data leak after it lost a courier lab request forms for 54 patients that included names, health insurance identification numbers and, in some cases, Social Security numbers. The courier misplaced the forms, which were in a zippered bag along with other records.
Type: Data Leak
Attack Vector: Physical Theft
Threat Actor: Courier
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Data Compromised: Names, Health insurance identification numbers, Social security numbers
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Health Insurance Identification Numbers, Social Security Numbers and .
Entity Name: Beverly Hospital
Entity Type: Hospital
Industry: Healthcare
Customers Affected: 54 patients
Type of Data Compromised: Names, Health insurance identification numbers, Social security numbers
Number of Records Exposed: 54
Sensitivity of Data: High
Personally Identifiable Information: NamesHealth insurance identification numbersSocial Security numbers
Last Attacking Group: The attacking group in the last incident was an Courier.
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Health insurance identification numbers, Social Security numbers and .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Social Security numbers and Health insurance identification numbers.
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 54.0.
.png)
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid