Company Details
chubb
39,339
1,071,644
524
chubb.com
269
CHU_7868561
Completed

Chubb Company CyberSecurity Posture
chubb.comChubb is a world leader in insurance. With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company, we assess, assume and manage risk with insight and discipline. We service and pay our claims fairly and promptly. The company is also defined by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength and local operations globally. Parent company Chubb Limited is listed on the New York Stock Exchange (NYSE: CB) and is a component of the S&P 500 index. Chubb maintains executive offices in Zurich, New York, London, Paris and other locations, and employs approximately 40,000 people worldwide. Read our Social Media Guidelines here: https://www.chubb.com/us-en/about-chubb/chubbs-social-media-guidelines.aspx Notre section « À propos » est également disponible en français, ici: https://www.chubb.com/ca-fr/about-chubb-in-canada/a-propos-de-chubb-au-canada.aspx
Company Details
chubb
39,339
1,071,644
524
chubb.com
269
CHU_7868561
Completed
Between 800 and 849

Chubb Global Score (TPRM)XXXX



No incidents recorded for Chubb in 2025.
No incidents recorded for Chubb in 2025.
No incidents recorded for Chubb in 2025.
Chubb cyber incidents detection timeline including parent company and subsidiaries

Chubb is a world leader in insurance. With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company, we assess, assume and manage risk with insight and discipline. We service and pay our claims fairly and promptly. The company is also defined by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength and local operations globally. Parent company Chubb Limited is listed on the New York Stock Exchange (NYSE: CB) and is a component of the S&P 500 index. Chubb maintains executive offices in Zurich, New York, London, Paris and other locations, and employs approximately 40,000 people worldwide. Read our Social Media Guidelines here: https://www.chubb.com/us-en/about-chubb/chubbs-social-media-guidelines.aspx Notre section « À propos » est également disponible en français, ici: https://www.chubb.com/ca-fr/about-chubb-in-canada/a-propos-de-chubb-au-canada.aspx


HDFC ERGO General Insurance Company Limited was promoted by erstwhile Housing Development Finance Corporation Ltd. (HDFC), India’s premier Housing Finance Institution and ERGO International AG, the primary insurance entity of Munich Re Group. Consequent to the implementation of the Scheme of Amalgam

Zurich Insurance Group (Zurich) is a leading global multi-line insurer founded more than 150 years ago, which has grown into a business serving more than 75 million customers in more than 200 countries and territories, while delivering industry-leading total shareholder returns. Our customers includ

CNO Financial Group, Inc. (NYSE: CNO) secures the future of middle-income America. CNO provides life and health insurance, annuities, financial services, and workforce benefits solutions through our family of brands, including Bankers Life, Colonial Penn, Optavise and Washington National. Our cus

Allianz Partners is a world leader in B2B2C insurance and assistance, offering global solutions that span international health and life, travel insurance, automotive and assistance. Customer driven, our innovative experts are redefining insurance services by delivering future-ready, high-tech high-t

« Etre là pour les autres, j'ai décidé d'en faire mon métier. » Portée par nos 32 000 collaborateurs, notre campagne de communication employeur souligne ce qui nous rassemble et nous rend fiers au quotidien : notre métier, le point de départ de belles histoires, humaines avant tout. Cette campagne

Axis Max Life Insurance Limited (earlier known as Max Life Insurance Company Limited) is a Joint Venture between Max Financial Services Limited and Axis Bank Limited. Max Financial Services Ltd. is a part of the Max Group, an Indian multi-business corporation. Axis Max Life Insurance Limited has an

Blue Cross Blue Shield of Michigan is a nonprofit corporation and an independent licensee of the Blue Cross and Blue Shield Association. BCBSM's commitment to Michigan is what differentiates it from other health insurance companies doing business in the state. That mission has never changed. Nea

Established in 1908, Great Eastern places customers at the heart of everything we do. Our legacy extends beyond our products and services to our culture, which is defined by our core values and how we work. As champions of Integrity, Initiative and Involvement, our core values act as a compass, guid

RGS operates nationwide with over 2,500 branches, agencies and over 400 claims-handling offices covering every one of Russia's 86 regions - from Kaliningrad on the Baltic Sea in the West to Kamchatka on the Pacific Ocean in the Far East, and from Murmansk on the Barents Sea to Sochi (2014 Winter Oly
.png)
A Chubb insurance unit has claimed a data management company and a cybersecurity firm failed to prevent or mitigate a ransomware attack on...
A Chubb Ltd. insurance unit is suing data management and cybersecurity companies, alleging they failed to prevent or mitigate a ransomware...
Growth in the cybersecurity insurance market is driven by increasing cyberattacks and stringent data protection regulations making cyber...
Yahoo says a Chubb subsidiary is obligated to cover regulatory fines that might be leveled against one of the tech company's subsidiaries...
"Chubb's decision to lead reinsure a coal-fuelled power plant in Vietnam raises questions about the insurance industry's role in...
The CISO New York summit on Sept 9, 2025, unites 150+ senior cybersecurity leaders for a day of strategy and collaboration.
Chubb's AI strategy dominates insurance by leveraging financial power, underwriting excellence, and compounding investments into scalable,...
This surge is fueled by the growing frequency and sophistication of cyberattacks particularly ransomware and data breaches pushing...
Michigan-based Miracle Software Systems Inc. is suing Chubb unit ACE American Insurance Co. and Kyocera AVX Components Corp., alleging breach of contract.

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Chubb is https://www.chubb.com/.
According to Rankiteo, Chubb’s AI-generated cybersecurity score is 824, reflecting their Good security posture.
According to Rankiteo, Chubb currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Chubb is not certified under SOC 2 Type 1.
According to Rankiteo, Chubb does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Chubb is not listed as GDPR compliant.
According to Rankiteo, Chubb does not currently maintain PCI DSS compliance.
According to Rankiteo, Chubb is not compliant with HIPAA regulations.
According to Rankiteo,Chubb is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Chubb operates primarily in the Insurance industry.
Chubb employs approximately 39,339 people worldwide.
Chubb presently has no subsidiaries across any sectors.
Chubb’s official LinkedIn profile has approximately 1,071,644 followers.
Chubb is classified under the NAICS code 524, which corresponds to Insurance Carriers and Related Activities.
No, Chubb does not have a profile on Crunchbase.
Yes, Chubb maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/chubb.
As of November 27, 2025, Rankiteo reports that Chubb has not experienced any cybersecurity incidents.
Chubb has an estimated 14,859 peer or competitor companies worldwide.
Total Incidents: According to Rankiteo, Chubb has faced 0 incidents in the past.
Incident Types: The types of cybersecurity incidents that have occurred include .
.png)
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.