Comparison Overview

Costco Wholesale

VS

OXXO

Costco Wholesale

4401 4th Ave S, Seattle, 98134, US
Last Update: 2026-04-01
View Profile
Between 800 and 849
http://www.costco.com

Costco Wholesale is a multibillion dollar global retailer with warehouse club operations in 14 countries. We are the recognized leader in our field, dedicated to quality in every area of our business and respected for our outstanding business ethics. Despite our large size and rapid international expansion, we continue to provide an atmosphere in which our employees thrive and succeed. If you are an ambitious, energetic person who enjoys a fast-paced team environment filled with challenges and opportunities, you've come to the right place. Our successful employees are service-oriented with integrity and commitment toward a common goal of excellence. Costco offers great jobs, great pay, great benefits and a great place to work. Like us on Facebook: www.facebook.com/Costco Follow us on Pinterest: www.pinterest.com/Costco

NAICS: 43
NAICS Definition: Retail Trade
Employees: 83,959
Subsidiaries: 1
12-month incidents
0
Known data breaches
2
Attack type number
1
View Profile

OXXO

Edison #1235 Nte., Monterrey, 64480, MX
Last Update: 2026-04-02
Between 800 and 849
http://www.oxxo.com

Somos la cadena de tiendas de conveniencia más grande de México y América Latina, con 45 años de experiencia y más de 22 mil establecimientos ubicados a lo largo de la República Mexicana, Colombia, Perú, Chile y Brasil. En OXXO como compañía 100% mexicana y como parte de la División Proximidad de FEMSA, tenemos el objetivo de generar valor económico y social en las comunidades en las que operamos. Abrimos nuestras puertas para satisfacer las necesidades cotidianas de nuestros clientes a través de productos y servicios de calidad. Cada apertura nos permite continuar impulsando la generación de empleos, desarrollo de proveedores y contribuir a la calidad de vida de nuestros vecinos con acciones para mejorar su entorno. #OXXOALaVueltaDeTuVida

NAICS: 43
NAICS Definition: Retail Trade
Employees: 33,919
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/costco-wholesale.jpeg
Costco Wholesale
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/oxxo.jpeg
OXXO
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Costco Wholesale
100%
Compliance Rate
0/4 Standards Verified
OXXO
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Costco Wholesale in 2026.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for OXXO in 2026.

Incident History — Costco Wholesale (X = Date, Y = Severity)

Costco Wholesale cyber incidents detection timeline including parent company and subsidiaries

Incident History — OXXO (X = Date, Y = Severity)

OXXO cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/costco-wholesale.jpeg
Costco Wholesale
Incidents

Date Detected: 07/2015
Type:Breach
Blog: Blog

Date Detected: 6/2014
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/oxxo.jpeg
OXXO
Incidents

No Incident

FAQ

Costco Wholesale company demonstrates a stronger AI Cybersecurity Score compared to OXXO company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Costco Wholesale company has historically faced a number of disclosed cyber incidents, whereas OXXO company has not reported any.

In the current year, OXXO company and Costco Wholesale company have not reported any cyber incidents.

Neither OXXO company nor Costco Wholesale company has reported experiencing a ransomware attack publicly.

Costco Wholesale company has disclosed at least one data breach, while the other OXXO company has not reported such incidents publicly.

Neither OXXO company nor Costco Wholesale company has reported experiencing targeted cyberattacks publicly.

Neither Costco Wholesale company nor OXXO company has reported experiencing or disclosing vulnerabilities publicly.

Neither Costco Wholesale nor OXXO holds any compliance certifications.

Neither company holds any compliance certifications.

Costco Wholesale company has more subsidiaries worldwide compared to OXXO company.

Costco Wholesale company employs more people globally than OXXO company, reflecting its scale as a Retail.

Neither Costco Wholesale nor OXXO holds SOC 2 Type 1 certification.

Neither Costco Wholesale nor OXXO holds SOC 2 Type 2 certification.

Neither Costco Wholesale nor OXXO holds ISO 27001 certification.

Neither Costco Wholesale nor OXXO holds PCI DSS certification.

Neither Costco Wholesale nor OXXO holds HIPAA certification.

Neither Costco Wholesale nor OXXO holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.

Published
Date
2026-04-02
Updated
Date
2026-04-02
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References
Description

A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.

Published
Date
2026-04-02
Updated
Date
2026-04-02
References