Comparison Overview

CRF First Choice Inc.

VS

Stars Behavioral Health Group

CRF First Choice Inc.

1018 N Central Ave, Connersville, Indiana, US, 47331
Last Update: 2026-01-22
View Profile
Between 750 and 799
http://www.crf-firstchoice.com

CRF First Choice is a waiver facility based in Connersville, Indiana. We serve individuals with developmental disabilities that are on the Medicaid waiver. We provide housing and support for these individuals in our facility and in their homes. We have locations throughout Indiana with our main office in Connersville and satellite offices in Indianapolis and Bloomington.

NAICS: 62133
NAICS Definition: Offices of Mental Health Practitioners (except Physicians)
Employees: 122
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Stars Behavioral Health Group

1501 Hughes Way, #150, Long Beach, CA, US, 90810
Last Update: 2026-01-22
Between 750 and 799
http://www.starsinc.com

Stars Behavioral Health Group (SBHG) provides high-quality mental health and social services across California, achieving proven, impactful results. SBHG is dedicated to helping individuals overcome significant challenges and grow through change. What Stars Behavioral Health Group Offers: A large, stable company founded in 1988. Recognized by the LA Business Journal as a “Best Place to Work” in Los Angeles and awarded “Top Workplaces” in the Bay Area by the Mercury News (multiple times). An opportunity to engage in meaningful work that positively impacts the lives of children, adults, and families. Access to some of the best training available in the industry. Flexible schedules and a comprehensive benefits package. Opportunities in residential, in-patient, and community-based outpatient roles.

NAICS: 62133
NAICS Definition: Offices of Mental Health Practitioners (except Physicians)
Employees: 882
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/crf-first-choice.jpeg
CRF First Choice Inc.
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/stars-behavioral-health-group.jpeg
Stars Behavioral Health Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
CRF First Choice Inc.
100%
Compliance Rate
0/4 Standards Verified
Stars Behavioral Health Group
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for CRF First Choice Inc. in 2026.

Incidents vs Mental Health Care Industry Average (This Year)

No incidents recorded for Stars Behavioral Health Group in 2026.

Incident History — CRF First Choice Inc. (X = Date, Y = Severity)

CRF First Choice Inc. cyber incidents detection timeline including parent company and subsidiaries

Incident History — Stars Behavioral Health Group (X = Date, Y = Severity)

Stars Behavioral Health Group cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/crf-first-choice.jpeg
CRF First Choice Inc.
Incidents

No Incident

https://images.rankiteo.com/companyimages/stars-behavioral-health-group.jpeg
Stars Behavioral Health Group
Incidents

No Incident

FAQ

Both CRF First Choice Inc. company and Stars Behavioral Health Group company demonstrate a comparable AI Cybersecurity Score, with strong governance and monitoring frameworks in place.

Historically, Stars Behavioral Health Group company has disclosed a higher number of cyber incidents compared to CRF First Choice Inc. company.

In the current year, Stars Behavioral Health Group company and CRF First Choice Inc. company have not reported any cyber incidents.

Neither Stars Behavioral Health Group company nor CRF First Choice Inc. company has reported experiencing a ransomware attack publicly.

Neither Stars Behavioral Health Group company nor CRF First Choice Inc. company has reported experiencing a data breach publicly.

Neither Stars Behavioral Health Group company nor CRF First Choice Inc. company has reported experiencing targeted cyberattacks publicly.

Neither CRF First Choice Inc. company nor Stars Behavioral Health Group company has reported experiencing or disclosing vulnerabilities publicly.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds any compliance certifications.

Neither company holds any compliance certifications.

Neither CRF First Choice Inc. company nor Stars Behavioral Health Group company has publicly disclosed detailed information about the number of their subsidiaries.

Stars Behavioral Health Group company employs more people globally than CRF First Choice Inc. company, reflecting its scale as a Mental Health Care.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds SOC 2 Type 1 certification.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds SOC 2 Type 2 certification.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds ISO 27001 certification.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds PCI DSS certification.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds HIPAA certification.

Neither CRF First Choice Inc. nor Stars Behavioral Health Group holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
References
Description

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
Description

Azure Entra ID Elevation of Privilege Vulnerability

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
References
Description

Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.

Published
Date
2026-01-22
Updated
Date
2026-01-22
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References