What is the official website of CIMB ?

The official website of CIMB is http://www.cimb.com.

What is CIMB's cybersecurity risk score?

CIMB has an AI-generated cybersecurity risk score of 785 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has CIMB experienced?

According to Rankiteo, CIMB currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has CIMB been affected by any supply chain cyber incidents ?

According to Rankiteo, CIMB has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does CIMB have SOC 2 Type 1 certification ?

According to Rankiteo, CIMB is not certified under SOC 2 Type 1.

Does CIMB have SOC 2 Type 2 certification ?

According to Rankiteo, CIMB does not hold a SOC 2 Type 2 certification.

Does CIMB comply with GDPR ?

According to Rankiteo, CIMB is not listed as GDPR compliant.

Does CIMB have PCI DSS certification ?

According to Rankiteo, CIMB does not currently maintain PCI DSS compliance.

Does CIMB comply with HIPAA ?

According to Rankiteo, CIMB is not compliant with HIPAA regulations.

Does CIMB have ISO 27001 certification ?

According to Rankiteo,CIMB is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does CIMB operate in ?

CIMB operates primarily in the Financial Services industry.

How many employees does CIMB have ?

CIMB employs approximately 13,906 people worldwide.

Does CIMB own any subsidiaries ?

CIMB presently has no subsidiaries across any sectors.

How many LinkedIn followers does CIMB have ?

CIMB's official LinkedIn profile has approximately 386,678 followers.

What is the NAICS classification code for CIMB ?

CIMB is classified under the NAICS code 52, which corresponds to Finance and Insurance.

Does CIMB have a Crunchbase profile ?

No, CIMB does not have a profile on Crunchbase.

Does CIMB have a LinkedIn profile ?

Yes, CIMB maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cimbmalaysia.

How many cybersecurity incidents has CIMB experienced ?

As of June 17, 2026, Rankiteo reports that CIMB has not experienced any cybersecurity incidents.

How many peer or competitor companies does CIMB have ?

CIMB has an estimated 32,106 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

CIMB

Boost Score +25 with badge (5 left)

785

/1000

Fair

810

/1000

Good

CIMB Vendor Cyber Rating & Cyber Score

cimb.com

Add Your Compliance Badge

CIMB Group is a leading ASEAN universal bank, one of the largest Asian investment banks and one of the world's largest Islamic banks. We are headquartered in Kuala Lumpur, Malaysia and offer consumer banking, commercial banking, wholesale banking, Islamic banking, and asset management products and services. As the fifth largest banking group in ASEAN, we have over 36,000 staff in 16 locations across ASEAN, Asia and beyond. CIMB Bank and CIMB Islamic Bank are members of PIDM.

CIMB A.I CyberSecurity Scoring

Scoring History

CIMB

CIMB CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

CIMB Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for CIMB

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for CIMB in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for CIMB in 2026.

Incident Types CIMB vs Financial Services Industry Avg (This Year)

No incidents recorded for CIMB in 2026.

Incident History - CIMB (X = Date, Y = Severity)

Loading…

SUBSIDIARY

CIMB Subsidiaries

CIMB

Financial Services

Website: http://www.cimb.com

Company Size: 10,001+ employees

CIMB NiagaBanking

CIMB Thai BankBanking

CIMB Wealth AdvisorsFinancial Services

Loading…

CIMB Similar Companies

New York Life Insurance Company

nyl.co

For over 180 years, we’ve helped turn your biggest dreams into milestones that last a lifetime. As a mutual company we hold ourselves to the highest standards of transparency, objectivity, and integrity. We’re committed to improving local communities through a culture of giving and volunteerism, supported by our own New York Life Foundation. Join a company that values development, career growth, collaboration, innovation, and diversity & inclusion. Through various resources and programs, you can grow your career while developing personally and professionally. Your life. New York Life. More powerful, together. Insurance • Investments • Retirement • Advisory Services New York Life is an Equal Opportunity Employer - M/F/Veteran/Disability/Sexual Orientation/Gender Identity Investments are offered through NYLIFE Securities LLC (Member FINRA/SIPC), a Licensed Insurance Agency. Advisory services are offered through Eagle Strategies LLC, a Registered Investment Adviser. NYLIFE Securities LLC and Eagle Strategies LLC are New York Life Companies. Not all New York Life agents are licensed to offer investments or advisory services. Only those agents who disclose their affiliation with NYLIFE Securities LLC and/or Eagle Strategies LLC are credentialed to provide the respective products and services. Read our disclaimers: https://nyl.co/socialmedia

KKR

kkr.com

KKR is a leading global investment firm that offers alternative asset management as well as capital markets and insurance solutions. KKR aims to generate attractive investment returns by following a patient and disciplined investment approach, employing world-class people, and supporting growth in its portfolio companies and communities. KKR sponsors investment funds that invest in private equity, credit and real assets and has strategic partners that manage hedge funds. KKR’s insurance subsidiaries offer retirement, life and reinsurance products under the management of Global Atlantic Financial Group. References to KKR’s investments may include the activities of its sponsored funds and insurance subsidiaries. For additional information about KKR (NYSE: KKR), please visit www.kkr.com. For additional information about Global Atlantic Financial Group, please visit www.globalatlantic.com. KKR will never request personal information, account details, payments and transfers over digital chat applications, social media, email or through SMS: https://www.kkr.com/security-and-fraud-awareness

M&T Bank

mtb.com

Great companies have an enduring sense of purpose. At M&T, our purpose is a simple one: make a difference in people’s lives and uplift the communities we serve. Founded in 1856 in Buffalo, NY we are now a top 11 full-service US-based commercial bank with a retail footprint across the east coast and wealth services available nationwide and abroad. As a bank, we offer advice, guidance, expertise, and solutions across the entire financial spectrum that combines M&T’s traditional banking services with the wealth management and institutional capabilities offered by Wilmington Trust. We are a community-minded organization with more than 167 years of experience. We serve customers, community, and colleagues whether they be across the street, across the state or across the country. As an employer of choice, we are proud to offer competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year. Our core values drive the work we do – integrity, ownership, collaboration, curiosity, candor and we seek to further build upon our record of success by bringing in top talent and fresh skill sets while continuing to support the growth and development of all our team members. M&T Bank is unwavering when it comes to providing equal employment opportunities to all employees and applicants without regard to race, color, national origin, religion, ethnicity, sex, gender identity, age, disability, citizenship, pregnancy, veteran status, military status, marital status, sexual orientation, genetic information or any other characteristic protected under applicable federal, state or local laws.

Chase

chase.com

At Chase, we’re dedicated to helping you succeed. Whether you’re in need of banking, credit cards, mortgages, auto financing, investment guidance, small business support, or payment solutions, we’re beside you every step of the way. For customer service, contact us via chase.com/customerservice. See full social media terms and conditions at chase.com/socialterms. JPMorgan Chase is an Equal Opportunity Employer, including Disability/Veterans.

Goldman Sachs

cb goldmansachs.com

We aspire to be the world’s most exceptional financial institution, united by our shared values of partnership, client service, integrity, and excellence. Operating at the center of capital markets, we act as one firm, mobilizing our people, capital, and ideas to deliver superior results across our clients’ most complex challenges. For 156 years, Goldman Sachs has delivered world-class execution on a global scale across our leading Global Banking & Markets and Asset & Wealth Management businesses. Apprenticeship is central to our culture, with hands-on coaching and access to leaders who bring decades of experience and expertise. With office locations around the world, we offer a broad range of career opportunities to those who insist on excellence and thrive on performance. Find our Social Media Disclosures here: gs.com/social-media-disclosures

Old Mutual South Africa

oldmutual.co.za

Old Mutual Limited is a premium pan-African financial services group that offers a broad spectrum of financial solutions to retail and corporate customers across key markets in 14 countries. We have been helping our customers achieve their lifetime financial goals for over 170 years by investing their funds in ways that create positive futures for them, their families, their communities and broader society. In this way, we significantly contribute to improving the lives of our customers and their communities while ensuring a sustainable future for our business. We employ more than 30 000 people and operate in 14 countries across two regions Africa (South Africa, Namibia, Botswana, Zimbabwe, Kenya, Malawi, Tanzania, Nigeria, Ghana, Uganda, Rwanda, South Sudan and eSwatini) as well as Asia (China) So why work here? We believe you can shape the future with us – a future where we build a better Africa together. That’s why we’re committed to creating opportunities that will give you an edge on the rest. Once you’re part of our team, you will have access to the best breed of advice, tools and frameworks that will equip you to be your exceptional best. #MomentsThatMatter

Credicorp

grupocredicorp.com

Somos el grupo financiero líder en el Perú con una vasta experiencia en el mercado peruano. Contamos con una sólida plataforma de Banca Comercial reforzada por una importante presencia en Banca de Inversión en Latinoamérica destinada a desarrollar el potencial de la región y acompañar a nuestros clientes en su crecimiento. Ofrecemos un modelo de servicios financieros completo y diversificado en países como Perú, Bolivia, Estados Unidos, Panamá, Chile y Colombia; y desarrollamos operaciones esencialmente a través de nuestras seis principales subsidiarias: Banco de Crédito del Perú, BCP Bolivia, Mibanco, Pacífico Compañía de Seguros y Reaseguros, Prima AFP, Atlantic Security Bank y Credicorp Capital. El negocio de Credicorp se concentra principalmente en cuatro líneas de negocio: Banca Universal, Microfinanzas, Seguros y Pensiones, y Asesoría y Gestión de Inversiones.

Cholamandalam Investment and Finance Company Limited

cholamandalam.com

Cholamandalam Investment and Finance Company Limited (Chola), founded in 1978 as part of the Murugappa Group, initially focused on equipment financing. Over the years, Chola has transformed into a leading comprehensive financial services provider, offering a wide array of solutions including vehicle finance, home loans, SME loans, home equity loans, loan against property, consumer durable loans, and more. With a nationwide presence of 1,500+ branches and Assets Under Management (AUM) surpassing Rs. 1.77 lakh crore, Chola serves over 42.9 lakh happy customers. The company’s subsidiaries include Cholamandalam Securities Limited (CSEC), Cholamandalam Home Finance Limited (CHFL), and Payswiff Technologies Private Limited (Payswiff), enhancing its diverse portfolio. At Chola, our commitment is to foster growth and empowerment for customers, employees, shareholders, and communities alike. We are driven by a strong foundation of integrity, ethical values, and a deep sense of responsibility towards all our stakeholders. As we continue to grow and innovate, we aim to create sustainable value and contribute positively to the lives of those we serve, enabling them to enter a better life .

Fifth Third Bank

53.com

At Fifth Third Bank, everything we do is rooted in our purpose: to improve the lives of our customers and the well-being of our communities. Since our founding in 1858, we’ve been committed to creating a better financial experience by empowering our customers and clients to achieve what matters most. Our unified strength is grounded in the individual passion and diversity of more than 20,000 employees who work collaboratively to deliver a better tomorrow to everyone we serve. We offer a strong culture, opportunities for growth 401k match, wellness options, comprehensive insurance plans and additional resources you need to build a lasting and rewarding career path here. Headquartered in Cincinnati, Ohio, we are among the largest money managers in the Midwest. We operate four main businesses—Commercial Banking, Branch Banking, Consumer Lending, and Wealth & Asset Management—and a network of financial centers in Ohio, Kentucky, Indiana, Michigan, Illinois, Florida, Tennessee, West Virginia, Georgia, North Carolina and South Carolina. Consumers also have access to approximately 54,000 Fifth Third fee-free ATMs across the United States. Fifth Third Bancorp is a diversified financial services company and is the indirect parent company of Fifth Third Bank, National Association, a federally chartered institution. Explore Fifth Third career opportunities at: https://www.53.com/content/fifth-third/en/careers.html Fifth Third Bank, N.A., Member FDIC. Fifth Third Bank is proud to be an affirmative action/equal opportunity employer. M/F/D/V

Loading…

NEWS

CIMB CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 06, 2026 08:00 AM

CIMB Dismisses Online Claims of 1.2 Million Customer Records Leak

CIMB Bank denies online claims that a dataset containing about 1.2 million customer records was leaked, saying its systems remain secure.

Read Article

March 04, 2026 08:00 AM

CIMB refutes claims of data breach involving 1.2 million records

The financial services provider said its security teams have verified that all systems are secure and that customer data remains fully...

Read Article

March 04, 2026 08:00 AM

CIMB denies data breach involving 1.2mil records

The banking group says its security teams have verified that all systems are safe amid online claims of a data leak. CIMB Bank.

Read Article

January 31, 2026 08:00 AM

CIMB Islamic pledges RM20mil to nationwide conservation efforts

MALAYSIA's biodiversity is under growing threat as deforestation continues in the name of development. Against this backdrop, CIMB Islamic...

Read Article

November 04, 2025 08:00 AM

CIMB Securities initiates Cloudpoint at 'Buy', bullish on digital growth

KUALA LUMPUR: CIMB Securities Sdn Bhd has initiated coverage on Cloudpoint Technology Bhd with a "Buy" call and a target price of RM1.20.

Read Article

November 04, 2025 08:00 AM

CIMB Sees Cloudpoint As Key Proxy For FIs And Enterprise Digitalisation

Operating across four key segments —networking and data centres, cybersecurity, professional IT services, and cloud solutions.

Read Article

October 31, 2025 07:00 AM

CIMB Treasury & Markets Research expects Bank Negara to maintain OPR at 2.75% in final MPC meeting

KUALA LUMPUR: CIMB Treasury & Markets Research expects Bank Negara Malaysia (BNM) to maintain the overnight policy rate (OPR) at 2.75 per...

Read Article

October 27, 2025 07:00 AM

GCash says no data breach found, systems remain secure

Initial findings show that the alleged dataset does not match the data structure used within GCash systems,” the company said.

Read Article

September 10, 2025 07:00 AM

Government blocked website selling Malaysians' personal data, says Fahmi

PUTRAJAYA: A website allegedly selling Malaysians' personal data has been blocked since last year, says Communications Minister Datuk Fahmi...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-48777

SUMMARY

FileBrowser Quantum is a free, self-hosted, web-based file manager. Versions prior to 1.3.2-stable, 1.4.0-beta and 1.4.1-beta are vulnerable to Path Traversal through the publicPatchHandler in backend/http/public.go which joins user-controlled fromPath and toPath body fields with the trusted d.share.Path BEFORE the downstream sanitizer runs. Because filepath.Join collapses .. segments during the join, the sanitizer in resourcePatchHandler never sees the traversal and the move/copy/rename operates on a path outside the shared directory. The same root-cause pattern was patched for the bulk DELETE endpoint as CVE-2026-44542 (GHSA-fwj3-42wh-8673), but the PATCH handler with the identical pattern was not updated. A public share link with AllowModify=true is sufficient to exploit this. Anyone holding such a link can move, copy, or rename arbitrary files within the share owner's source root. This issue has been fixed in versions 1.3.3-stable and 1.4.2-beta.

Published

Date2026-06-16

Updated

Date2026-06-16

RISK INFORMATION (Score: )

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-47750

SUMMARY

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the GLOBAL opcode handler. The issue was caused by missing validation when searching for newline-delimited fields. A crafted .ckpt file without the expected newline could cause the parser to use -1 as a copy length, resulting in immediate heap corruption. The attack requires the victim or application to load a .ckpt file from an untrusted source, such as a downloaded model from a model sharing site. The issue has been resolved in version master-584-0a7ae07. If developers are unable to immediately update their applications they can work around this issue by following these instructions: do not load .ckpt checkpoint files from untrusted sources, and prefer trusted model sources and safer formats such as .safetensors where possible.

Published

Date2026-06-16

Updated

Date2026-06-16

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-47747

SUMMARY

stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inference. In versions prior to master-584-0a7ae07, the pickle .ckpt parser in src/model.cpp contained a heap buffer overflow vulnerability in the BINUNICODE opcode handler. The issue was caused by sign confusion on the opcode length field. A crafted .ckpt file could trigger memcpy with a very large length derived from a negative signed value, causing immediate heap corruption. The issue has been resolved in version master-584-0a7ae07. If developers are unable to immediately update their applications they can work around this issue by only loading .ckpt checkpoint files from trusted sources and preferring trusted model sources and safer formats such as .safetensors where possible.

Published

Date2026-06-16

Updated

Date2026-06-16

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-46448

SUMMARY

In OpenStack Nova before 33.0.2, the server create API does not strip certain hint data. The resulting instance has no Placement allocation.

Published

Date2026-06-16

Updated

Date2026-06-16

RISK INFORMATION (Score: 5.4)

cvss3

Base Score: 5.4

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

Impact Score

2.5

Exploitability

2.8

REFERENCES

CVE-2026-22313

SUMMARY

The device has a webserver that exposes a REST API authenticated with a token on the management network. By exploiting an OS command injection vulnerability an authenticated attacker can send arbitrary commands to the device that are executed with administrative permissions by the underlying operating system.

Published

Date2026-06-16

Updated

Date2026-06-16

RISK INFORMATION (Score: 9.1)

cvss3

Base Score: 9.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Impact Score

Exploitability

2.3

REFERENCES

https://www.cvcn.gov.it/cvcn/cve/CVE-2026-22313

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…