CRHS
Company Details
Linkedin ID:
conway-regional-health-system
Website:
Employees number:
793
Number of followers:
4,538
NAICS:
62
Industry Type:
Homepage:
conwayregional.org
IP Addresses:
0
Company ID:
CON_8937439
Scan Status:
In-progress
Conway Regional Health System Company CyberSecurity Posture
conwayregional.org
Conway Regional Health System provides complete health care services to a seven-county service area of North Central Arkansas including Cleburne, Conway, Faulkner, Perry, Pope, Van Buren and Yell Counties. Centered on a 150-bed, acute care medical center, the health system provides patients with a variety of services including heart health, orthopedic care, neuro-spine surgery, vascular surgery, gastroenterology services, women’s health, surgery, and rehabilitation. Conway Regional operates an expansive physician enterprise, including ten primary care clinics and seven specialty clinics. Additionally, the health system operates a Rehabilitation Hospital and a 70,000-square-foot Health and Fitness Center. In June of 2019, Conway Regional announced a management agreement with the Dardanelle Hospital, since renamed as the Dardanelle Regional Medical Center. With more than 200 physicians providing services at Conway Regional, the organization partners with the medical staff in an Accountable Clinical Management Model (ACM). This one-of-a-kind partnership creates a model of shared governance to promote meaningful engagement of physician leaders with hospital administrative leadership—all in an effort to improve patient experience and enhance care. Conway Regional maintains an employee engagement score in the top 20% of hospitals throughout the country and a Medical Staff engagement score in the top 5%, as compared to hospitals of similar size and scope. Conway Regional was the first hospital in Arkansas to partner with Arkansas Children’s Hospital in the Nursery Alliance, allowing more babies to receive care closer to home. Conway Regional is the only hospital in Arkansas named to Modern Healthcare’s National Best Places to Work in 2018, 2019, and received the honor again in 2020. Conway Regional has been named an Arkansas Best Place to Work in 2017, 2018 and 2019. Learn more at conwayregional.org.
Conway Regional Health System A.I CyberSecurity Scoring
CRHS Risk Score (AI oriented)Between 700 and 749
CRHS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CRHS Global Score (TPRM)XXXX
CRHS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CRHS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Conway Regional Health System
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Conway Regional Medical Center in Arkansas agreed to pay $295,000 to settle a lawsuit for a 2019 healthcare data breach. In June 2019, Conway became a victim to a phishing scheme. It resulted in the potential exposure of personal information, including names, Social Security numbers, addresses, health insurance information, and medical information.
CRHS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CRHS
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Conway Regional Health System in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Conway Regional Health System in 2025.
Incident Types CRHS vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Conway Regional Health System in 2025.
Incident History — CRHS (X = Date, Y = Severity)
CRHS cyber incidents detection timeline including parent company and subsidiaries
CRHS Company Subsidiaries
Conway Regional Health System provides complete health care services to a seven-county service area of North Central Arkansas including Cleburne, Conway, Faulkner, Perry, Pope, Van Buren and Yell Counties. Centered on a 150-bed, acute care medical center, the health system provides patients with a variety of services including heart health, orthopedic care, neuro-spine surgery, vascular surgery, gastroenterology services, women’s health, surgery, and rehabilitation. Conway Regional operates an expansive physician enterprise, including ten primary care clinics and seven specialty clinics. Additionally, the health system operates a Rehabilitation Hospital and a 70,000-square-foot Health and Fitness Center. In June of 2019, Conway Regional announced a management agreement with the Dardanelle Hospital, since renamed as the Dardanelle Regional Medical Center. With more than 200 physicians providing services at Conway Regional, the organization partners with the medical staff in an Accountable Clinical Management Model (ACM). This one-of-a-kind partnership creates a model of shared governance to promote meaningful engagement of physician leaders with hospital administrative leadership—all in an effort to improve patient experience and enhance care. Conway Regional maintains an employee engagement score in the top 20% of hospitals throughout the country and a Medical Staff engagement score in the top 5%, as compared to hospitals of similar size and scope. Conway Regional was the first hospital in Arkansas to partner with Arkansas Children’s Hospital in the Nursery Alliance, allowing more babies to receive care closer to home. Conway Regional is the only hospital in Arkansas named to Modern Healthcare’s National Best Places to Work in 2018, 2019, and received the honor again in 2020. Conway Regional has been named an Arkansas Best Place to Work in 2017, 2018 and 2019. Learn more at conwayregional.org.
Loading...
CRHS Similar Companies
Lifespan
Lifespan, Rhode Island's first health system, was founded in 1994 by Rhode Island Hospital and The Miriam Hospital. A comprehensive, integrated, academic health system, Lifespan’s present partners also include RI Hospital’s Hasbro Children's Hospital , Bradley Hospital, and Newport Hospital. A not
Dignity Health
We provide quality, compassionate health care at more than 40 hospitals and care centers that are serving communities across California, Arizona and Nevada every minute of every day. And while not everyone may live near a major medical facility, Dignity Health is making health care more accessible b
The people of Memorial Sloan Kettering Cancer Center (MSK) are united by a singular mission: ending cancer for life. Our specialized care teams provide personalized, compassionate, expert care to patients of all ages. Informed by basic research done at our Sloan Kettering Institute, scientists acros
Access Healthcare provides business process outsourcing, application services, and robotic process automation tools to hospitals, health systems, providers, payers, and related service providers. We operate from 20 delivery centers across nine cities in the US, India, and the Philippines, and our 2
Mayo Clinic has expanded and changed in many ways, but our values remain true to the vision of our founders. Our primary value – The needs of the patient come first – guides our plans and decisions as we create the future of health care. Join us and you'll find a culture of teamwork, professionalism
Sharp HealthCare is a not-for-profit health care system based in San Diego, California, with four acute care hospitals, three specialty hospitals, three medical groups and a health plan. We provide medical services in virtually all fields of medicine, including primary care, heart care, cancer, orth
Baylor Scott & White Health
With us by your side, there's no stopping you. It's why we're creating a new kind of healthcare at Baylor Scott & White. And we're just getting started. As the largest not-for-profit health system in the state of Texas, Baylor Scott & White promotes the health and well-being of every individual, fa
NHG Health
NHG Health is a leading public healthcare provider in Singapore recognised for its quality clinical care and its commitment in enabling healthier lives through preventive health, innovative solutions and person-centred programmes tailored to every life stage. Our integrated health system, which span
Helse Sør-Øst RHF
South Eastern Norway Regional health Authority is a merger between the former Eastern and South regional Health Authority. Responsible for secondary healthcare services for the south-eastern parts of Norway 2.5 million people (approx 52% of population) cost containment budget 58 billion Nkr. 100%
.png)
CRHS CyberSecurity News
November 12, 2025 08:00 AM
AMP Best of 2025
We have been proud to feature many of the state's most prominent businesses in Arkansas Money & Politics. These businesses represent.
October 17, 2025 07:00 AM
Cybersecurity incident causes network outage at local hospital
The network outage that has impacted Heywood and Athol Hospitals this week, has been the result of a cybersecurity incident, according to...
January 15, 2025 08:00 AM
2025 AMP Influencers of the Year
Arkansas Money & Politics is proud to unveil its list of “Arkansas Influencers” for 2025, those who inspire all to reach higher, achieve more and improve...
November 18, 2024 08:00 AM
Paul Phillips Appointed Federal Programs Director at Cromwell Architects Engineers (Mover & Shakers)
Paul Phillips has been named federal programs director at Cromwell Architects Engineers in Little Rock, where he will lead business...
November 13, 2024 08:00 AM
AMP Best of 2024
We have been proud to feature many of the state's most prominent businesses in Arkansas Money & Politics. These.
November 11, 2024 08:00 AM
2 Join the Board of the Little Rock Technology Park (Movers & Shakers)
Eric Peterson, interim president of BioVentures at the University of Arkansas for Medical Sciences of Little Rock, have been appointed to the board of the...
October 14, 2024 07:00 AM
2024 AMP Top Professionals
You don't have to be a CEO, baby, to be in our show. The executives are great, but Arkansas Money & Politics readers recognize that it.
August 14, 2024 07:00 AM
Shop Talk: Arkansas Hospital Administrators Talk Industry Challenges, More
Hospital administrators may not be in the emergency rooms or intensive care units of the facilities they lead, but they are.
August 02, 2024 07:00 AM
Congratulations to the winners of PR Daily's Social Media, Digital & Content Marketing Awards!
Winners were celebrated at a special awards luncheon in New York on Thursday.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CRHS CyberSecurity History Information
Official Website of Conway Regional Health System
The official website of Conway Regional Health System is http://www.conwayregional.org.
Conway Regional Health System’s AI-Generated Cybersecurity Score
According to Rankiteo, Conway Regional Health System’s AI-generated cybersecurity score is 747, reflecting their Moderate security posture.
How many security badges does Conway Regional Health System’ have ?
According to Rankiteo, Conway Regional Health System currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Conway Regional Health System have SOC 2 Type 1 certification ?
According to Rankiteo, Conway Regional Health System is not certified under SOC 2 Type 1.
Does Conway Regional Health System have SOC 2 Type 2 certification ?
According to Rankiteo, Conway Regional Health System does not hold a SOC 2 Type 2 certification.
Does Conway Regional Health System comply with GDPR ?
According to Rankiteo, Conway Regional Health System is not listed as GDPR compliant.
Does Conway Regional Health System have PCI DSS certification ?
According to Rankiteo, Conway Regional Health System does not currently maintain PCI DSS compliance.
Does Conway Regional Health System comply with HIPAA ?
According to Rankiteo, Conway Regional Health System is not compliant with HIPAA regulations.
Does Conway Regional Health System have ISO 27001 certification ?
According to Rankiteo,Conway Regional Health System is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Conway Regional Health System
Conway Regional Health System operates primarily in the Hospitals and Health Care industry.
Number of Employees at Conway Regional Health System
Conway Regional Health System employs approximately 793 people worldwide.
Subsidiaries Owned by Conway Regional Health System
Conway Regional Health System presently has no subsidiaries across any sectors.
Conway Regional Health System’s LinkedIn Followers
Conway Regional Health System’s official LinkedIn profile has approximately 4,538 followers.
NAICS Classification of Conway Regional Health System
Conway Regional Health System is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Conway Regional Health System’s Presence on Crunchbase
No, Conway Regional Health System does not have a profile on Crunchbase.
Conway Regional Health System’s Presence on LinkedIn
Yes, Conway Regional Health System maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/conway-regional-health-system.
Cybersecurity Incidents Involving Conway Regional Health System
As of December 17, 2025, Rankiteo reports that Conway Regional Health System has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Conway Regional Health System has an estimated 31,328 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Conway Regional Health System ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
What was the total financial impact of these incidents on Conway Regional Health System ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $295 thousand.
Incident Details
Can you provide details on each incident ?
Title: Conway Regional Medical Center Data Breach
Description: Conway Regional Medical Center in Arkansas agreed to pay $295,000 to settle a lawsuit for a 2019 healthcare data breach. In June 2019, Conway became a victim of a phishing scheme, resulting in the potential exposure of personal information, including names, Social Security numbers, addresses, health insurance information, and medical information.
Date Detected: June 2019
Type: Data Breach
Attack Vector: Phishing
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CON18111222
Financial Loss: $295,000
Data Compromised: Names, Social security numbers, Addresses, Health insurance information, Medical information
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $295.00 thousand.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Social Security Numbers, Addresses, Health Insurance Information, Medical Information and .
Which entities were affected by each incident ?
Incident : Data Breach CON18111222
Entity Name: Conway Regional Medical Center
Entity Type: Healthcare
Industry: Healthcare
Location: Arkansas
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CON18111222
Type of Data Compromised: Names, Social security numbers, Addresses, Health insurance information, Medical information
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on June 2019.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $295,000.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, Social Security numbers, addresses, health insurance information, medical information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were addresses, names, Social Security numbers, medical information and health insurance information.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a lower‑privileged user. A local attacker with access to the application account can modify this file to introduce malicious code, which is then executed with elevated privileges when the script is run. Successful exploitation results in arbitrary code execution as the root user.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Description
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference vulnerability is in the SIPGO library's `NewResponseFromRequest` function that affects all normal SIP operations. The vulnerability allows remote attackers to crash any SIP application by sending a single malformed SIP request without a To header. The vulnerability occurs when SIP message parsing succeeds for a request missing the To header, but the response creation code assumes the To header exists without proper nil checks. This affects routine operations like call setup, authentication, and message handling - not just error cases. This vulnerability affects all SIP applications using the sipgo library, not just specific configurations or edge cases, as long as they make use of the `NewResponseFromRequest` function. Version 1.0.0-alpha-1 contains a patch for the issue.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
GLPI is a free asset and IT management software package. Starting in version 9.1.0 and prior to version 10.0.21, an unauthorized user with an API access can read all knowledge base entries. Users should upgrade to 10.0.21 to receive a patch.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=conway-regional-health-system' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
