Bombardier
Company Details
Linkedin ID:
bombardier
Website:
Employees number:
24,676
Number of followers:
1,140,451
NAICS:
3364
Industry Type:
Homepage:
bombardier.com
IP Addresses:
0
Company ID:
BOM_8047285
Scan Status:
In-progress
Bombardier Company CyberSecurity Posture
bombardier.com
Bombardier is a global leader in aviation, focused on designing, manufacturing, and servicing the world's most exceptional business jets. Bombardier’s Challenger and Global aircraft families are renowned for their cutting-edge innovation, cabin design, performance, and reliability. Bombardier has a worldwide fleet of approximately 5,000 aircraft in service with a wide variety of multinational corporations, charter and fractional ownership providers, governments, and private individuals. Bombardier aircraft are also trusted around the world in government and military special-mission roles leveraging Bombardier Defense’s proven expertise. Headquartered in Greater Montréal, Québec, Bombardier operates aerostructure, assembly and completion facilities in Canada, the United States and Mexico. The company’s robust customer support network services the Learjet, Challenger and Global families of aircraft, and includes facilities in strategic locations in the United States and Canada, as well as in the United Kingdom, Germany, France, Switzerland, Italy, Austria, the UAE, Singapore, China and Australia. For corporate news and information, including Bombardier’s Environmental, Social and Governance report, as well as the company’s plans to cover all its flight operations with Sustainable Aviation Fuel (SAF) utilizing the Book and Claim system visit bombardier.com. Learn more about Bombardier’s industry-leading products and customer service network at businessaircraft.bombardier.com. Follow us on Twitter @Bombardier.
Bombardier A.I CyberSecurity Scoring
Bombardier Risk Score (AI oriented)Between 750 and 799
Bombardier
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Bombardier Global Score (TPRM)XXXX
Bombardier
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Bombardier Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
BOMBARDIER
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The airplane maker firm Bombardier was targated in a ransomware attack in February 2021. The attackers infiltrated the computer network of Bombardier by exploiting vulnerability in the sharing software Accellion. The Clop Ransomware group took the responsibility of the attack and published some of the stolen classified data online.
Bombardier Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Bombardier
Incidents vs Aviation and Aerospace Component Manufacturing Industry Average (This Year)
No incidents recorded for Bombardier in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Bombardier in 2025.
Incident Types Bombardier vs Aviation and Aerospace Component Manufacturing Industry Avg (This Year)
No incidents recorded for Bombardier in 2025.
Incident History — Bombardier (X = Date, Y = Severity)
Bombardier cyber incidents detection timeline including parent company and subsidiaries
Bombardier Company Subsidiaries
Bombardier is a global leader in aviation, focused on designing, manufacturing, and servicing the world's most exceptional business jets. Bombardier’s Challenger and Global aircraft families are renowned for their cutting-edge innovation, cabin design, performance, and reliability. Bombardier has a worldwide fleet of approximately 5,000 aircraft in service with a wide variety of multinational corporations, charter and fractional ownership providers, governments, and private individuals. Bombardier aircraft are also trusted around the world in government and military special-mission roles leveraging Bombardier Defense’s proven expertise. Headquartered in Greater Montréal, Québec, Bombardier operates aerostructure, assembly and completion facilities in Canada, the United States and Mexico. The company’s robust customer support network services the Learjet, Challenger and Global families of aircraft, and includes facilities in strategic locations in the United States and Canada, as well as in the United Kingdom, Germany, France, Switzerland, Italy, Austria, the UAE, Singapore, China and Australia. For corporate news and information, including Bombardier’s Environmental, Social and Governance report, as well as the company’s plans to cover all its flight operations with Sustainable Aviation Fuel (SAF) utilizing the Book and Claim system visit bombardier.com. Learn more about Bombardier’s industry-leading products and customer service network at businessaircraft.bombardier.com. Follow us on Twitter @Bombardier.
Loading...
Bombardier Similar Companies
SpaceX
SpaceX designs, manufactures and launches the world’s most advanced rockets and spacecraft. The company was founded in 2002 by Elon Musk to revolutionize space transportation, with the ultimate goal of making life multiplanetary. SpaceX has gained worldwide attention for a series of historic mil
CAE
At CAE, we equip people in critical roles with the expertise and solutions to create a safer world. As a technology company, we digitalize the physical world, deploying simulation training and critical operations support solutions. Above all else, we empower pilots, airlines, defence and security fo
Safran
Safran is an international high-technology group, operating in the aviation (propulsion, equipment and interiors), defense and space markets. Its core purpose is to contribute to a safer, more sustainable world, where air transport is more environmentally friendly, comfortable and accessible. Safran
We are building a road to space for the benefit of Earth, humanity’s blue origin. Our team is focused on radically reducing the cost of access to space and harnessing its vast resources while mobilizing future generations to realize this mission. Blue Origin builds reusable rocket engines, launch ve
Pratt & Whitney, an RTX business, is a global leader in propulsion systems, powering the most advanced aircraft in the world, and we are shaping the future of aviation. Our engines help connect people, grow economies and defend freedom. Our customers depend on us to get where they’re going and back
Embraer
A global aerospace company headquartered in Brazil, Embraer has businesses in Commercial and Executive Aviation, Defense & Security, and Agricultural Aviation. The company designs, develops, manufactures and markets aircraft and systems, providing Services and Support to customer after-sales. Sinc
Spirit AeroSystems defines and energizes modern aerospace manufacturing by delivering uncompromising quality, breakthrough innovations and high-skilled production expertise to commercial, defense and business aerospace programs. Spirit AeroSystems is the world’s largest tier-one manufacturer and sup
NASA - National Aeronautics and Space Administration
For more than 60 years, NASA has been breaking barriers to achieve the seemingly impossible—from walking on the Moon to pushing the boundaries of human spaceflight farther than ever before. We work in space and around the world in laboratories and wind tunnels, on airfields and in control rooms to e
Airbus
Airbus pioneers sustainable aerospace for a safe and united world. The Company constantly innovates to provide efficient and technologically-advanced solutions in aerospace, defence, and connected services. In commercial aircraft, Airbus designs and manufactures modern and fuel-efficient airliners
.png)
Bombardier CyberSecurity News
August 06, 2025 07:00 AM
Privacy commissioner to investigate WestJet cybersecurity breach
The office of Canada's privacy commissioner says it has opened an investigation into a cyberattack on WestJet which saw a "malicious actor"...
January 08, 2025 08:00 AM
Greens’ Valeriote, vocal opponent of LNG, says shares in oil and gas company an ‘oversight’
Sea to Sky MLA Jeremy Valeriote, whose election campaign was defined by his opposition to a liquefied natural gas facility in Squamish,...
December 18, 2024 02:41 PM
Bombardier internship program
Let your career take off in a dynamic, supportive environment with our flexible internship program. Gain hands-on experience on real projects.
May 27, 2024 07:00 AM
Court greenlights class action lawsuit against Bombardier
A Quebec judge is authorizing a class action from shareholders against Bombardier Inc. over claims that the plane maker presented a false...
October 11, 2023 04:44 AM
Highlights From The Connected Aviation Intelligence Summit
Avionics International and Via Satellite hosted the annual Connected Aviation Intelligence Summit in Denver, Colorado, in early September.
September 13, 2023 07:00 AM
Rail Cybersecurity Is a Complex Environment
CISOs in the rail industry must protect an older, more complex infrastructure than most industries. Here are some of the unique, high-stakes...
March 30, 2023 07:00 AM
Concordia to host its first forum on cybersecurity in aerospace
APRIL 17: The university's CIADI and the Security Research Centre look towards the future with new industry event.
November 17, 2022 08:00 AM
Cybersecurity: Combatting evolving threats in Montréal
Through education and government support, Greater Montréal offers cybersecurity professionals the best means to get ahead of the curve.
October 04, 2022 07:00 AM
Ferrari Suffers Document Leak Days After Announcing Cybersecurity Partnership
Ferrari acknowledged the internal documents are rotating online but said it has no evidence of a ransomware attack claimed by the RansomEXX...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Bombardier CyberSecurity History Information
Official Website of Bombardier
The official website of Bombardier is http://www.bombardier.com/en/.
Bombardier’s AI-Generated Cybersecurity Score
According to Rankiteo, Bombardier’s AI-generated cybersecurity score is 762, reflecting their Fair security posture.
How many security badges does Bombardier’ have ?
According to Rankiteo, Bombardier currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Bombardier have SOC 2 Type 1 certification ?
According to Rankiteo, Bombardier is not certified under SOC 2 Type 1.
Does Bombardier have SOC 2 Type 2 certification ?
According to Rankiteo, Bombardier does not hold a SOC 2 Type 2 certification.
Does Bombardier comply with GDPR ?
According to Rankiteo, Bombardier is not listed as GDPR compliant.
Does Bombardier have PCI DSS certification ?
According to Rankiteo, Bombardier does not currently maintain PCI DSS compliance.
Does Bombardier comply with HIPAA ?
According to Rankiteo, Bombardier is not compliant with HIPAA regulations.
Does Bombardier have ISO 27001 certification ?
According to Rankiteo,Bombardier is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Bombardier
Bombardier operates primarily in the Aviation and Aerospace Component Manufacturing industry.
Number of Employees at Bombardier
Bombardier employs approximately 24,676 people worldwide.
Subsidiaries Owned by Bombardier
Bombardier presently has no subsidiaries across any sectors.
Bombardier’s LinkedIn Followers
Bombardier’s official LinkedIn profile has approximately 1,140,451 followers.
NAICS Classification of Bombardier
Bombardier is classified under the NAICS code 3364, which corresponds to Aerospace Product and Parts Manufacturing.
Bombardier’s Presence on Crunchbase
No, Bombardier does not have a profile on Crunchbase.
Bombardier’s Presence on LinkedIn
Yes, Bombardier maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/bombardier.
Cybersecurity Incidents Involving Bombardier
As of December 10, 2025, Rankiteo reports that Bombardier has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Bombardier has an estimated 2,675 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Bombardier ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: Bombardier Ransomware Attack
Description: The airplane maker firm Bombardier was targeted in a ransomware attack in February 2021. The attackers infiltrated the computer network of Bombardier by exploiting a vulnerability in the sharing software Accellion. The Clop Ransomware group took responsibility for the attack and published some of the stolen classified data online.
Date Detected: February 2021
Type: Ransomware
Attack Vector: Exploit vulnerability in software
Vulnerability Exploited: Accellion sharing software
Threat Actor: Clop Ransomware group
Motivation: Financial gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Accellion sharing software vulnerability.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware BOM19502322
Data Compromised: Classified data
Systems Affected: Computer network
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Classified data.
Which entities were affected by each incident ?
Data Breach Information
What type of data was compromised in each breach ?
Ransomware Information
Was ransomware involved in any of the incidents ?
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware BOM19502322
Entry Point: Accellion sharing software vulnerability
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Ransomware BOM19502322
Root Causes: Exploitation of vulnerability in Accellion sharing software
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Clop Ransomware group.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on February 2021.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Classified data.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Classified data.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Accellion sharing software vulnerability.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=bombardier' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
