CenturyLink
Company Details
Linkedin ID:
centurylink
Website:
Employees number:
24,839
Number of followers:
229,889
NAICS:
5415
Industry Type:
Homepage:
centurylink.com
IP Addresses:
0
Company ID:
CEN_2031114
Scan Status:
In-progress
CenturyLink Company CyberSecurity Posture
centurylink.com
CenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience. Learn more at http://news.centurylink.com/.
CenturyLink A.I CyberSecurity Scoring
CenturyLink Risk Score (AI oriented)Between 750 and 799
CenturyLink
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CenturyLink Global Score (TPRM)XXXX
CenturyLink
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CenturyLink Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
CenturyLink
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The personal information of hundreds of thousands of CenturyLink customers, including names, addresses, email addresses, and phone numbers was exposed online. A database of 2.8m records containing sensitive information regarding hundreds of thousands of CenturyLink’s customers was left open online for anyone with internet access to see. They included multiple pieces of personal information including name, email address, phone number, and address, along with account-specific information. The database comprised API logs with customer information and contained more than 2.8 million records in total. CenturyLink said to the affected customers. "We will continue to work to protect customer information, takes the protection of our customers’ information seriously, and we will work to ensure that we earn our customers’ trust.
CenturyLink Communications
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Maine Office of the Attorney General disclosed a **data breach** affecting **CenturyLink Communications** between **August 20 and August 31, 2020**. The incident stemmed from a **sophisticated password-guessing attack** targeting the **MyCenturyLink customer portal**, compromising **1,942 accounts**. Exposed data included **usernames, email addresses, full names (first and last), service addresses, billing addresses, and related account details**. While no financial or highly sensitive information (e.g., Social Security numbers, payment card data) was confirmed stolen, the breach risked **unauthorized access to personal and account-specific information**, potentially enabling **phishing, identity fraud, or further targeted attacks**. CenturyLink responded by **issuing written notifications to affected customers between September 21–25, 2020**, though the delay between discovery and disclosure raised concerns about proactive mitigation. The attack highlighted vulnerabilities in **authentication mechanisms**, emphasizing the need for stronger password policies and multi-factor authentication (MFA) to prevent credential-stuffing exploits.
lumentechnologies
Ransomware
Rankiteo Explanation
Attack limited on finance or reputation
Description: Lumen Technologies, a leading provider of telecommunications services, identified two cybersecurity issues, including a ransomware attack. One of the events involved a ransomware attack on a small number of its servers that operate a segmented hosting service. The corporation simply acknowledged that the issue "is currently impairing the operations of a small number of the Company's enterprise customers." It gave no further information regarding the family of ransomware that infected its systems. Lumen developed improved security software following the ransomware attack's detection, which enabled the business to identify a different incursion.
CenturyLink Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CenturyLink
Incidents vs IT Services and IT Consulting Industry Average (This Year)
No incidents recorded for CenturyLink in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for CenturyLink in 2025.
Incident Types CenturyLink vs IT Services and IT Consulting Industry Avg (This Year)
No incidents recorded for CenturyLink in 2025.
Incident History — CenturyLink (X = Date, Y = Severity)
CenturyLink cyber incidents detection timeline including parent company and subsidiaries
CenturyLink Company Subsidiaries
CenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience. Learn more at http://news.centurylink.com/.
Loading...
CenturyLink Similar Companies
Tietoevry
In a rapidly changing world, technology is everything. It's in the fabric of society. In every part of every business. At the very heart of human evolution. It’s a great power that comes with great responsibility. At Tietoevry, we believe it’s time to shift perspective. It’s not about what technolo
For over 70 years, Iron Mountain Incorporated (NYSE: IRM) has been your strategic partner to care for your information and assets. A global leader in storage and information management services and trusted by more than 225,000 organizations around the world, including 95% of the Fortune 1000, we pro
Tech Mahindra
Tech Mahindra offers technology consulting and digital solutions to global enterprises across industries, enabling transformative scale at unparalleled speed. With 150,000+ professionals across 90+ countries helping 1100+ clients, TechM provides a full spectrum of services including consulting, info
UST
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to op
Engineering Group
Engineering Group is the Digital Transformation Company, leader in Italy and expanding its global footprint, with around 14,000 associates and with over 80 offices spread across Europe, the United States, and South America and global delivery. The Engineering Group, consisting of over 70 companies
Tata Elxsi
Tata Elxsi is amongst the world’s leading providers of design and technology services across industries, including Automotive, Media & Entertainment, Communications, and Healthcare. Tata Elxsi is helping customers reimagine their products and services through design thinking and the application of d
Mastercard
Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we’re building a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Ou
GlobalLogic Latinoamérica
GlobalLogic, una empresa del grupo Hitachi, es líder en ingeniería digital en Latinoamérica. Ayudamos a diferentes marcas a diseñar y crear productos, plataformas y experiencias digitales innovadoras para el mundo moderno. Al integrar el diseño de experiencia, la ingeniería compleja y la exper
Serco
We bring together the right people, the right technology and the right partners to create innovative solutions that make positive impact and address some of the most urgent and complex challenges facing the modern world. With a focus on serving governments globally, Serco’s services span justice,
.png)
CenturyLink CyberSecurity News
October 27, 2025 07:00 AM
DCM Services Names Curtis Rebelein as Chief Information Security Officer
Rebelein will lead efforts to fortify DCM Services' security posture, regulatory compliance, and risk management strategies.
August 18, 2025 07:00 AM
Why Clearance Holders Get Rejected for Jobs – Even When They Have the Right Skills
Sometimes the biggest setbacks in a cleared job search come down to the smallest details. Stephanie Holman, a technical recruiter at...
July 23, 2025 07:00 AM
Cloudflare report reveals surge in internet shutdowns & outages
Cloudflare's Q2 2025 report reveals a sharp rise in global internet shutdowns from government actions, outages, cable damage and...
May 20, 2025 07:00 AM
Women Know Cyber: 150 Fascinating Females Fighting Cybercrime
Role models for students, parents, educators, and the cybersecurity community Sponsored by Secureworks.
March 10, 2025 07:00 AM
Lumen Technologies Data Breach Investigation
Strauss Borrelli PLLC, a leading data breach law firm, is investigating CenturyLink Communications, LLC, which does business as Lumen...
January 10, 2025 08:00 AM
Meet the Chinese ‘Typhoon’ hackers preparing for war
Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed...
October 07, 2024 07:00 AM
The 30-year-old internet backdoor law that came back to bite
China reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law.
June 15, 2024 06:35 AM
CenturyLink's Adaptive Network Security Mobility Looks to Secure Public WiFi
In order to secure data that remote users are sending across public WiFi connections, CenturyLink has officially released its Adaptive Network Security...
April 11, 2024 07:00 AM
Lumen Technologies Wins $73.6M Managed Network Services Contract With US Government Accountability Office
Lumen Technologies, formerly CenturyLink, has landed a $73.6 million contract to transform the US Government Accountability Office's (GAO) network, data, voice...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CenturyLink CyberSecurity History Information
Official Website of CenturyLink
The official website of CenturyLink is http://www.centurylink.com.
CenturyLink’s AI-Generated Cybersecurity Score
According to Rankiteo, CenturyLink’s AI-generated cybersecurity score is 764, reflecting their Fair security posture.
How many security badges does CenturyLink’ have ?
According to Rankiteo, CenturyLink currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does CenturyLink have SOC 2 Type 1 certification ?
According to Rankiteo, CenturyLink is not certified under SOC 2 Type 1.
Does CenturyLink have SOC 2 Type 2 certification ?
According to Rankiteo, CenturyLink does not hold a SOC 2 Type 2 certification.
Does CenturyLink comply with GDPR ?
According to Rankiteo, CenturyLink is not listed as GDPR compliant.
Does CenturyLink have PCI DSS certification ?
According to Rankiteo, CenturyLink does not currently maintain PCI DSS compliance.
Does CenturyLink comply with HIPAA ?
According to Rankiteo, CenturyLink is not compliant with HIPAA regulations.
Does CenturyLink have ISO 27001 certification ?
According to Rankiteo,CenturyLink is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of CenturyLink
CenturyLink operates primarily in the IT Services and IT Consulting industry.
Number of Employees at CenturyLink
CenturyLink employs approximately 24,839 people worldwide.
Subsidiaries Owned by CenturyLink
CenturyLink presently has no subsidiaries across any sectors.
CenturyLink’s LinkedIn Followers
CenturyLink’s official LinkedIn profile has approximately 229,889 followers.
NAICS Classification of CenturyLink
CenturyLink is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.
CenturyLink’s Presence on Crunchbase
No, CenturyLink does not have a profile on Crunchbase.
CenturyLink’s Presence on LinkedIn
Yes, CenturyLink maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/centurylink.
Cybersecurity Incidents Involving CenturyLink
As of December 10, 2025, Rankiteo reports that CenturyLink has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
CenturyLink has an estimated 37,375 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at CenturyLink ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Ransomware and Breach.
How does CenturyLink detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with centurylink informed affected customers, and remediation measures with developed improved security software, and remediation measures with customer notifications (via mail), and communication strategy with written notifications to affected customers..
Incident Details
Can you provide details on each incident ?
Title: CenturyLink Customer Data Exposure
Description: The personal information of hundreds of thousands of CenturyLink customers, including names, addresses, email addresses, and phone numbers was exposed online.
Type: Data Breach
Title: Ransomware Attack on Lumen Technologies
Description: Lumen Technologies, a leading provider of telecommunications services, identified two cybersecurity issues, including a ransomware attack. One of the events involved a ransomware attack on a small number of its servers that operate a segmented hosting service. The corporation simply acknowledged that the issue 'is currently impairing the operations of a small number of the Company's enterprise customers.' It gave no further information regarding the family of ransomware that infected its systems. Lumen developed improved security software following the ransomware attack's detection, which enabled the business to identify a different incursion.
Type: Ransomware
Title: CenturyLink Communications Data Breach (2020)
Description: The Maine Office of the Attorney General reported a data breach involving CenturyLink Communications, with the breach occurring between August 20 and August 31, 2020. Approximately 1,942 accounts were affected due to a sophisticated password guessing attack on the MyCenturyLink customer account website, potentially exposing usernames, email addresses, first and last names, service and billing addresses, and other related information. Written notifications were sent to customers starting September 21, 2020, with all letters mailed by September 25, 2020.
Date Publicly Disclosed: 2020-09-21
Type: Data Breach
Attack Vector: Password Guessing Attack
Vulnerability Exploited: Weak or Reused Passwords
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through MyCenturyLink Customer Account Website.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CEN32023423
Data Compromised: Names, Addresses, Email addresses, Phone numbers, Account-specific information
Systems Affected: database
Incident : Ransomware LUM33321023
Systems Affected: Segmented hosting service servers
Operational Impact: Impairing the operations of a small number of the Company's enterprise customers
Incident : Data Breach LEV801082025
Data Compromised: Usernames, Email addresses, First and last names, Service addresses, Billing addresses, Other related information
Systems Affected: MyCenturyLink Customer Account Website
Identity Theft Risk: Potential
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Account-Specific Information, , Usernames, Email Addresses, First And Last Names, Service Addresses, Billing Addresses, Other Related Information and .
Which entities were affected by each incident ?
Incident : Data Breach CEN32023423
Entity Name: CenturyLink
Entity Type: Corporation
Industry: Telecommunications
Customers Affected: hundreds of thousands
Incident : Ransomware LUM33321023
Entity Name: Lumen Technologies
Entity Type: Corporation
Industry: Telecommunications
Customers Affected: Small number of enterprise customers
Incident : Data Breach LEV801082025
Entity Name: CenturyLink Communications (now Lumen Technologies)
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: United States
Customers Affected: 1,942
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach CEN32023423
Communication Strategy: CenturyLink informed affected customers
Incident : Ransomware LUM33321023
Remediation Measures: Developed improved security software
Incident : Data Breach LEV801082025
Remediation Measures: Customer Notifications (via mail)
Communication Strategy: Written Notifications to Affected Customers
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CEN32023423
Type of Data Compromised: Personal information, Account-specific information
Number of Records Exposed: 2.8 million
File Types Exposed: API logs
Personally Identifiable Information: namesaddressesemail addressesphone numbers
Incident : Data Breach LEV801082025
Type of Data Compromised: Usernames, Email addresses, First and last names, Service addresses, Billing addresses, Other related information
Number of Records Exposed: 1,942
Sensitivity of Data: Moderate (PII)
Data Exfiltration: Potential
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Developed improved security software, , Customer Notifications (via mail), .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach LEV801082025
Regulatory Notifications: Maine Office of the Attorney General
References
Where can I find more information about each incident ?
Incident : Data Breach LEV801082025
Source: Maine Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney General.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through CenturyLink informed affected customers and Written Notifications To Affected Customers.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach CEN32023423
Customer Advisories: CenturyLink informed affected customers
Incident : Data Breach LEV801082025
Customer Advisories: Written notifications sent between September 21–25, 2020
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were CenturyLink informed affected customers, Written Notifications Sent Between September 21–25, 2020 and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach LEV801082025
Entry Point: MyCenturyLink Customer Account Website
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach LEV801082025
Root Causes: Weak Or Reused Passwords Vulnerable To Guessing Attacks,
Additional Questions
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09-21.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, email addresses, phone numbers, account-specific information, , Usernames, Email Addresses, First and Last Names, Service Addresses, Billing Addresses, Other Related Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was database and Segmented hosting service servers and MyCenturyLink Customer Account Website.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Other Related Information, Usernames, names, Email Addresses, First and Last Names, addresses, Service Addresses, account-specific information, phone numbers, email addresses and Billing Addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.8M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an CenturyLink informed affected customers, Written notifications sent between September 21–25 and 2020.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an MyCenturyLink Customer Account Website.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=centurylink' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
