Company Details
big-lots
17,565
90,394
43
biglots.com
0
BIG_1685692
In-progress


Big Lots Company CyberSecurity Posture
biglots.comBig Lots is an off-price retailer, offering bargains on everything for the home, including furniture, décor, pantry essentials, kitchenware, pet supplies, and more. Big Lots fulfills its mission to help customers "Live Big and Save Lots" by strategically sourcing bargains in a variety of creative ways, such as closeouts, overstocks and manufacturer liquidations.
Company Details
big-lots
17,565
90,394
43
biglots.com
0
BIG_1685692
In-progress
Between 750 and 799

Big Lots Global Score (TPRM)XXXX



No incidents recorded for Big Lots in 2026.
No incidents recorded for Big Lots in 2026.
No incidents recorded for Big Lots in 2026.
Big Lots cyber incidents detection timeline including parent company and subsidiaries

Big Lots is an off-price retailer, offering bargains on everything for the home, including furniture, décor, pantry essentials, kitchenware, pet supplies, and more. Big Lots fulfills its mission to help customers "Live Big and Save Lots" by strategically sourcing bargains in a variety of creative ways, such as closeouts, overstocks and manufacturer liquidations.

Company Overview Headquartered in Knoxville, Tennessee, Pilot Flying J is the largest operator of travel centers in North America with more than 750 locations throughout the United States and Canada and employs more than 24,000 Team Members. Pilot Flying J services over a million guests every day.
Victoria’s Secret & Co. (NYSE: VSCO) is a specialty retailer of modern, fashion-inspired collections including signature bras, panties, lingerie, casual sleepwear, athleisure and swim, as well as award-winning prestige fragrances and body care. VS&Co is comprised of market leading brands, Victoria’s

Mr Price Group Limited is an omni-channel, fashion value retailer. The Group retails apparel, homeware and sportswear and is one of the fastest growing retailers in South Africa. Our History: 1885 - The first John Orrs store opens 1934 - The first Hub store opens 1952 - John Orrs is listed on the J

Somos la cadena de tiendas de conveniencia más grande de México y América Latina, con 45 años de experiencia y más de 22 mil establecimientos ubicados a lo largo de la República Mexicana, Colombia, Perú, Chile y Brasil. En OXXO como compañía 100% mexicana y como parte de la División Proxi

To create new-generation retailing that improves people’s lives, Auchan Retail places customers at the centre of its actions and reaffirms the retailer’s role: that of a multi-format, “phygital” activist for good, healthy, local produce that constantly reinvents itself to deliver a new customer expe

Since 1958, we’ve been pushing the envelope for accurate and reliable inventories and quality retail merchandising services. Our trusted results allowed us to expand across the globe as well as leverage our expertise to service other industries. With nation-wide coverage and thousands of employees

Avolta AG, (SIX: AVOL) is leading a travel experience revolution. The result of the Dufry-Autogrill business combination, Avolta puts the traveler at our strategic core as we maximize every moment of the journey through our unique combination of travel retail and travel food & beverage, passion fo
As we reinvent ourselves to fit the diversity of America, we are looking for motivated, talented people who can emerge as Warriors in our organization. JCPenney offers an inclusive environment and culture where you can find and define yourself - your style, your purpose and your career. We know s

Anpacker. Durchstarter. Möglichmacher. Alle reden vom Kundenfokus, Customer first, dem Kunden als König. Wir finden, das ist zu kurz gedacht und würden es so formulieren: Der Mensch ist Dreh- und Angelpunkt unseres Erfolgs. Dazu gehört neben einer Kunden- auch die Mitarbeiterfokussierung. Und genau
.png)
Cybersecurity startup investment for 2025 hit the highest level in three years, bolstered by big rounds for AI-focused companies in the...
A Delaware bankruptcy judge on Thursday approved a $6.5 million settlement between retail chain Big Lots and its directors and officers,...
Spencer Sheehan of Sheehan & Associates PC, who regularly represents consumers in food mislabeling cases, couldn't convince the Eleventh...
Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.
Retail asset specialist Gordon Brothers urged a Delaware bankruptcy court to compel payment of more than $10 million from Big Lots Inc.,...
A fourth wave of Big Lots stores will reopen this week, bringing back nearly 80 locations in nine states that were previously shuttered as...
More than 100 Big Lots stores have reopened this year. Now, 80 more are preparing to reopen soon.
Another round of Big Lots stores, previously shuttered as part of its Chapter 11 bankruptcy filing, are set to reopen this week.
A number of Big Lots stores are slated to open next week. After announcing that store openings would come in waves in 2025, more than 70...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Big Lots is https://www.biglots.com.
According to Rankiteo, Big Lots’s AI-generated cybersecurity score is 764, reflecting their Fair security posture.
According to Rankiteo, Big Lots currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Big Lots has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, Big Lots is not certified under SOC 2 Type 1.
According to Rankiteo, Big Lots does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Big Lots is not listed as GDPR compliant.
According to Rankiteo, Big Lots does not currently maintain PCI DSS compliance.
According to Rankiteo, Big Lots is not compliant with HIPAA regulations.
According to Rankiteo,Big Lots is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Big Lots operates primarily in the Retail industry.
Big Lots employs approximately 17,565 people worldwide.
Big Lots presently has no subsidiaries across any sectors.
Big Lots’s official LinkedIn profile has approximately 90,394 followers.
Big Lots is classified under the NAICS code 43, which corresponds to Retail Trade.
Yes, Big Lots has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/big-lots.
Yes, Big Lots maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/big-lots.
As of January 24, 2026, Rankiteo reports that Big Lots has not experienced any cybersecurity incidents.
Big Lots has an estimated 15,595 peer or competitor companies worldwide.
Total Incidents: According to Rankiteo, Big Lots has faced 0 incidents in the past.
Incident Types: The types of cybersecurity incidents that have occurred include .
.png)
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.