Boost Mobile
Last Update: 2025-12-17
Between 750 and 799
A fresh take on wireless.
NAICS: 517
NAICS Definition: Telecommunications
Employees: 6,380
Subsidiaries: 8
12-month incidents
0
Known data breaches
1
Attack type number
2
Comparison Overview
Boost Mobile
VS
Telekom Malaysia
Telekom Malaysia
Last Update: 2025-12-17
Between 700 and 749
TM is the national connectivity and digital infrastructure provider and Malaysia’s leading integrated telco; offering a comprehensive suite of communication services and solutions in fixed (telephony and broadband), mobility, content, WiFi, ICT, Cloud and smart services. TM is driven by stakeholder value creation in a highly competitive environment and places, emphasis on delivering an enhanced customer experience via continuous customer service quality improvements and innovations, whilst focusing on increased operational efficiency and productivity. As the enabler of the nation’s Digital Malaysia aspiration, TM has been at the forefront of every telecommunications technology evolution in the country and will continue to do so. It provides the communications backbone of Malaysia with the widest connectivity and convergence network. TM remains committed to expanding its network with a comprehensive digital infrastructure. Moving beyond connectivity services, TM is developing new value-added digital services to cater to a more digital lifestyle and society, digital businesses, and digital government, striving to make “Life and Business Easier, for a better Malaysia.” For further information on TM, visit www.tm.com.my. . SSM: 128740-P
NAICS: 517
NAICS Definition: Telecommunications
Employees: 10,490
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1
Compliance Badges Comparison
Security & Compliance Standards Overview
Boost Mobile
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Telekom Malaysia
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Boost Mobile
100%
Compliance Rate
0/4 Standards Verified
Telekom Malaysia
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Boost Mobile in 2025.
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Telekom Malaysia in 2025.
Incident History — Boost Mobile (X = Date, Y = Severity)
Boost Mobile cyber incidents detection timeline including parent company and subsidiaries
Incident History — Telekom Malaysia (X = Date, Y = Severity)
Telekom Malaysia cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Boost Mobile
Incidents
Telekom Malaysia
Incidents
FAQ
Boost Mobile company demonstrates a stronger AI Cybersecurity Score compared to Telekom Malaysia company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Boost Mobile company has faced a higher number of disclosed cyber incidents historically compared to Telekom Malaysia company.
In the current year, Telekom Malaysia company and Boost Mobile company have not reported any cyber incidents.
Boost Mobile company has confirmed experiencing a ransomware attack, while Telekom Malaysia company has not reported such incidents publicly.
Boost Mobile company has disclosed at least one data breach, while the other Telekom Malaysia company has not reported such incidents publicly.
Neither Telekom Malaysia company nor Boost Mobile company has reported experiencing targeted cyberattacks publicly.
Neither Boost Mobile company nor Telekom Malaysia company has reported experiencing or disclosing vulnerabilities publicly.
Neither Boost Mobile nor Telekom Malaysia holds any compliance certifications.
Neither company holds any compliance certifications.
Boost Mobile company has more subsidiaries worldwide compared to Telekom Malaysia company.
Telekom Malaysia company employs more people globally than Boost Mobile company, reflecting its scale as a Telecommunications.
Neither Boost Mobile nor Telekom Malaysia holds SOC 2 Type 1 certification.
Neither Boost Mobile nor Telekom Malaysia holds SOC 2 Type 2 certification.
Neither Boost Mobile nor Telekom Malaysia holds ISO 27001 certification.
Neither Boost Mobile nor Telekom Malaysia holds PCI DSS certification.
Neither Boost Mobile nor Telekom Malaysia holds HIPAA certification.
Neither Boost Mobile nor Telekom Malaysia holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lower‑privileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's `NewResponseFromRequest` function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. The vulnerability occurs when SIP message parsing succeeds for a request missing the To header, but the response creation code assumes the To header exists without proper nil checks. This affects routine operations like call setup, authentication, and message handling - not just error cases. This vulnerability affects all SIP applications using the sipgo library, not just specific configurations or edge cases, as long as they make use of the `NewResponseFromRequest` function. Version 1.0.0-alpha-1 contains a patch for the issue.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
