Chewy
Company Details
Linkedin ID:
chewy-com
Website:
Employees number:
12,283
Number of followers:
345,356
NAICS:
43
Industry Type:
Homepage:
chewy.com
IP Addresses:
0
Company ID:
CHE_1921614
Scan Status:
In-progress
Chewy Company CyberSecurity Posture
chewy.com
At Chewy, our mission is to be the most trusted and convenient destination for pet parents and partners, everywhere. We view pets and pet parents as family and are obsessed with meeting their needs and exceeding customer expectations through every interaction. Behind the scenes, our talented teams are made up of innovators, delighters, big-thinkers and of course, passionate pet people—creating a place where you'll be empowered to build, grow and unleash your fullest potential. We don’t just stand by our company mission—we’re obsessed with it. We seek to be the most trusted and convenient destination for pet parents and partners, everywhere. And we’re constantly finding new ways to do just that. At Chewy, we understand pet parenthood is full of joyful highs and anxious lows. That’s why we’re here, standing alongside pet parents, providing everything their pets need for a happy, healthy life. We’re a leading online source for pet products, supplies, and prescriptions. We offer a broad selection of high-quality products and services at competitive prices with an exceptional level of customer care and a personal touch. Since launching in 2011, we’ve combined the personalized service of your neighborhood pet store with the convenience and speed of e-commerce. We pride ourselves on being the only brand available 24/7/365 to support pet parents throughout their journey. We have a rich history of being recognized for our deep care and personalization while going above and beyond for our customers and their pets. We view pets and their people as more than just customers and look forward to meeting their needs and exceeding expectations through every interaction. With Chewy, no one pet-parents alone.
Chewy A.I CyberSecurity Scoring
Chewy Risk Score (AI oriented)Between 750 and 799
Chewy
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Chewy Global Score (TPRM)XXXX
Chewy
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Chewy Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Chewy Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Chewy
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Chewy in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Chewy in 2025.
Incident Types Chewy vs Retail Industry Avg (This Year)
No incidents recorded for Chewy in 2025.
Incident History — Chewy (X = Date, Y = Severity)
Chewy cyber incidents detection timeline including parent company and subsidiaries
Chewy Company Subsidiaries
At Chewy, our mission is to be the most trusted and convenient destination for pet parents and partners, everywhere. We view pets and pet parents as family and are obsessed with meeting their needs and exceeding customer expectations through every interaction. Behind the scenes, our talented teams are made up of innovators, delighters, big-thinkers and of course, passionate pet people—creating a place where you'll be empowered to build, grow and unleash your fullest potential. We don’t just stand by our company mission—we’re obsessed with it. We seek to be the most trusted and convenient destination for pet parents and partners, everywhere. And we’re constantly finding new ways to do just that. At Chewy, we understand pet parenthood is full of joyful highs and anxious lows. That’s why we’re here, standing alongside pet parents, providing everything their pets need for a happy, healthy life. We’re a leading online source for pet products, supplies, and prescriptions. We offer a broad selection of high-quality products and services at competitive prices with an exceptional level of customer care and a personal touch. Since launching in 2011, we’ve combined the personalized service of your neighborhood pet store with the convenience and speed of e-commerce. We pride ourselves on being the only brand available 24/7/365 to support pet parents throughout their journey. We have a rich history of being recognized for our deep care and personalization while going above and beyond for our customers and their pets. We view pets and their people as more than just customers and look forward to meeting their needs and exceeding expectations through every interaction. With Chewy, no one pet-parents alone.
Loading...
Chewy Similar Companies
Sobeys
As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than
At Starbucks, we like to say that we are not in the coffee business serving people, but in the people business serving coffee. Here, our employees - who we call partners – are the heart of the Starbucks experience, and being a partner means aspiring to become part of something bigger: inspiring posi
Michaels Stores
At The Michaels Companies Inc, our purpose is to fuel the joy of creativity. As the leading creative destination in North America, we operate over 1,300 stores in 49 states and Canada and online at Michaels.com and Michaels.ca. The Michaels Companies, Inc. also owns Artistree, a manufacturer of cust
Nordstrom
At Nordstrom, we empower our employees to set their sights high and blaze their own trails. This is a place where your success and growth are truly a result of your own efforts and achievements. Our teams are made up of motivated people who work hard to become leaders within the company, at all
Auchan Retail
To create new-generation retailing that improves people’s lives, Auchan Retail places customers at the centre of its actions and reaffirms the retailer’s role: that of a multi-format, “phygital” activist for good, healthy, local produce that constantly reinvents itself to deliver a new customer expe
Mr.Bricolage
Mr.Bricolage a de grands projets et vous en faîtes partie ! Enseigne connue et appréciée des Français, le Groupe Mr.Bricolage est un groupement d’adhérents-entrepreneurs indépendants, spécialistes de la rénovation et de l’embellissement de la maison et du jardin. Avec 1 091 magasins répartis en Fran
IKEA
The IKEA vision is to create a better everyday life for the many people. Our business idea is to offer well-designed, functional and affordable, high-quality home furnishing, produced with care for people and the environment. The IKEA Brand unites more than 200.000 co-workers and hundreds of compan
Founded in 1992, Majid Al Futtaim is an Emirati-owned, diversified lifestyle conglomerate operating across the Middle East, Africa and Asia. The Group started from one man’s vision to transform the face of shopping, entertainment, and leisure to ‘Create Great Moments For Everyone, Everyday’. It has
Pick n Pay
Welcome to Pick n Pay, where family values and customer-centricity converge to create an unparalleled shopping experience. Since 1967, when the visionary Raymond Ackerman championed the cause of consumers by acquiring the first few stores, the Ackerman family's dedication has steered our journey of
.png)
Chewy CyberSecurity News
February 13, 2025 08:00 AM
Top 10 Tech Companies to Work for in St Paul in 2025
Companies like Arrive Logistics, Q2, and Chewy are transforming industries, offering innovative tech solutions in AI, fintech, and eCommerce.
December 23, 2024 08:00 AM
Top 10 Tech Companies to Work for in Fort Lauderdale in 2024
Discover the top tech companies in Fort Lauderdale for 2024, including Tech Innovators Inc., DataWise Analytics, Magic Leap, Citrix Systems,...
August 31, 2022 07:00 AM
Stocks making the biggest moves premarket: Designer Brands, Express, Chewy and more
These are the stocks posting the largest moves before the bell.
February 03, 2022 08:00 AM
Chewy Says Exec Stole Trade Secrets Before Move To Rival
Pet supply and service provider Chewy Inc. has filed a federal lawsuit accusing a former executive of lifting company trade secrets before...
August 09, 2021 07:00 AM
Chewy Expansion Will Create More Than 500 Jobs In Pennsylvania
Pet e-commerce company Chewy, Inc. will invest $25M to create a pharmacy fulfillment center in Pittstown Township, PA.
June 14, 2019 07:00 AM
PetSmart's Chewy raises $1 billion in its upsized IPO, becoming the latest money-losing company to go public
PetSmart subsidiary Chewy upsized its IPO on strong demand, and will trade under the ticker CHWY. It's the latest money-losing unicorn to go...
June 13, 2019 07:00 AM
5 things to know in #MiamiTech: Chewy joins the big dogs, Florida has another unicorn, and more
Chewy, a homegrown success story, begins trading on the New York Stock Exchange Friday. Florida has another unicorn: - KnowBe4 - plus other...
April 18, 2017 07:00 AM
PetSmart’s Latest Bite at E-Commerce: Chewy.com
PetSmart is champing at the e-bit, clinching a deal for pet products site Chewy.com. Chewy's co-founder and Chief Executive Ryan Cohen will remain in charge of...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Chewy CyberSecurity History Information
Official Website of Chewy
The official website of Chewy is http://careers.chewy.com.
Chewy’s AI-Generated Cybersecurity Score
According to Rankiteo, Chewy’s AI-generated cybersecurity score is 798, reflecting their Fair security posture.
How many security badges does Chewy’ have ?
According to Rankiteo, Chewy currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Chewy have SOC 2 Type 1 certification ?
According to Rankiteo, Chewy is not certified under SOC 2 Type 1.
Does Chewy have SOC 2 Type 2 certification ?
According to Rankiteo, Chewy does not hold a SOC 2 Type 2 certification.
Does Chewy comply with GDPR ?
According to Rankiteo, Chewy is not listed as GDPR compliant.
Does Chewy have PCI DSS certification ?
According to Rankiteo, Chewy does not currently maintain PCI DSS compliance.
Does Chewy comply with HIPAA ?
According to Rankiteo, Chewy is not compliant with HIPAA regulations.
Does Chewy have ISO 27001 certification ?
According to Rankiteo,Chewy is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Chewy
Chewy operates primarily in the Retail industry.
Number of Employees at Chewy
Chewy employs approximately 12,283 people worldwide.
Subsidiaries Owned by Chewy
Chewy presently has no subsidiaries across any sectors.
Chewy’s LinkedIn Followers
Chewy’s official LinkedIn profile has approximately 345,356 followers.
NAICS Classification of Chewy
Chewy is classified under the NAICS code 43, which corresponds to Retail Trade.
Chewy’s Presence on Crunchbase
Yes, Chewy has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/mrchewy-com.
Chewy’s Presence on LinkedIn
Yes, Chewy maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/chewy-com.
Cybersecurity Incidents Involving Chewy
As of November 27, 2025, Rankiteo reports that Chewy has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Chewy has an estimated 15,247 peer or competitor companies worldwide.
Chewy CyberSecurity History Information
How many cyber incidents has Chewy faced ?
Total Incidents: According to Rankiteo, Chewy has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Chewy ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=chewy-com' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
