What is the official website of DiDi ?

The official website of DiDi is http://www.didiglobal.com.

What is DiDi's cybersecurity risk score?

DiDi has an AI-generated cybersecurity risk score of 755 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has DiDi experienced?

According to Rankiteo, DiDi currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has DiDi been affected by any supply chain cyber incidents ?

According to Rankiteo, DiDi has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does DiDi have SOC 2 Type 1 certification ?

According to Rankiteo, DiDi is not certified under SOC 2 Type 1.

Does DiDi have SOC 2 Type 2 certification ?

According to Rankiteo, DiDi does not hold a SOC 2 Type 2 certification.

Does DiDi comply with GDPR ?

According to Rankiteo, DiDi is not listed as GDPR compliant.

Does DiDi have PCI DSS certification ?

According to Rankiteo, DiDi does not currently maintain PCI DSS compliance.

Does DiDi comply with HIPAA ?

According to Rankiteo, DiDi is not compliant with HIPAA regulations.

Does DiDi have ISO 27001 certification ?

According to Rankiteo,DiDi is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does DiDi operate in ?

DiDi operates primarily in the Software Development industry.

How many employees does DiDi have ?

DiDi employs approximately 30,646 people worldwide.

Does DiDi own any subsidiaries ?

DiDi presently has no subsidiaries across any sectors.

How many LinkedIn followers does DiDi have ?

DiDi's official LinkedIn profile has approximately 329,212 followers.

What is the NAICS classification code for DiDi ?

DiDi is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does DiDi have a Crunchbase profile ?

No, DiDi does not have a profile on Crunchbase.

Does DiDi have a LinkedIn profile ?

Yes, DiDi maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/didiglobal.

How many cybersecurity incidents has DiDi experienced ?

As of June 23, 2026, Rankiteo reports that DiDi has experienced 1 cybersecurity incidents.

How many peer or competitor companies does DiDi have ?

DiDi has an estimated 30,159 peer or competitor companies worldwide.

What types of cybersecurity incidents has DiDi faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

DiDi

Boost Score +25 with badge (5 left)

755

/1000

Fair

780

/1000

Fair

DiDi Vendor Cyber Rating & Cyber Score

didiglobal.com

Add Your Compliance Badge

DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehicle services, food delivery, and intra-city freight services. DiDi provides car owners, drivers, and delivery partners with flexible work and income opportunities. It is committed to collaborating with policymakers, the taxi industry, the automobile industry, and the communities to solve the world’s transportation, environmental, and employment challenges through the use of AI technology and localized smart transportation innovations. DiDi

DiDi A.I CyberSecurity Scoring

Scoring History

DiDi

DiDi CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

DiDi

Breach

6/2021

DID329223209112...

Loading…

A.I.

DiDi Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for DiDi

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for DiDi in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for DiDi in 2026.

Incident Types DiDi vs Software Development Industry Avg (This Year)

No incidents recorded for DiDi in 2026.

Incident History - DiDi (X = Date, Y = Severity)

Loading…

SUBSIDIARY

DiDi Subsidiaries

Parent Company

DiDi

Software Development

Website: http://www.didiglobal.com

Company Size: 10,000+ employees

No subsidiary data available for this company.

Loading…

DiDi Similar Companies

Shopify

cb shopify.com

Shopify is a leading global commerce company, providing trusted tools to start, grow, market, and manage a retail business of any size. Shopify makes commerce better for everyone with a platform and services that are engineered for reliability, while delivering a better shopping experience for consumers everywhere. Shopify powers millions of businesses in more than 175 countries and is trusted by brands such as Allbirds, Gymshark, PepsiCo, Staples, and many more. Find all our jobs here: www.shopify.com/careers

Autodesk

autodesk.com

Autodesk is changing how the world is designed and made. Our technology spans architecture, engineering, construction, product design, manufacturing, and media and entertainment. We empower innovators everywhere to solve challenges, big and small. From greener buildings to smarter products and more mesmerizing blockbusters, Autodesk software helps our customers design and make a better world for all. Over 100 million people use Autodesk software, like AutoCAD, Revit, Maya, 3ds Max, Fusion 360, SketchBook, and more, to unlock their creativity and solve important design, business, and environmental challenges. Our software runs on both personal computers and mobile devices. It taps the infinite computing power of the cloud to help teams around the world collaborate, design, simulate, and fabricate their ideas in 3D. We provide exceptional compensation and benefit packages, and we’d love for you to join us. We’re proud to be an equal opportunity employer, and we consider all qualiﬁed applicants without regard to race, gender, disability, veteran status, or other protected category. To see our culture in action, check out #AutodeskLife. We are headquartered in the San Francisco Bay Area and have over 10,000 employees worldwide.

IDEMIA

cb idemia.com

IDEMIA Secure Transactions (IST) is a leading provider of payment, connectivity, and cybersecurity solutions, serving billions of people worldwide. With decades of expertise in cryptography and credential issuance, IST is trusted by over 2000 financial institutions, mobile operators, automotive manufacturers, and IoT providers worldwide. IST is a division of IDEMIA Group. IDEMIA Public Security, another division of IDEMIA Group, is the premium provider of convenient and trusted biometric-based solutions, transforming public and private organizations across the globe. Follow them here: https://www.linkedin.com/company/idemia-public-security/

Amazon Fulfillment Technologies & Robotics

amazon.jobs

On the Fulfillment Technologies & Robotics Team, we build dynamic partnerships between people and intelligent machines. This intricate collaboration helps Amazon fulfill orders with unmatched accuracy. Since we began working with robotics, we've added over a million new jobs worldwide. Working in symphony with our robotic technology, employees have the opportunity to extend their technical capabilities by working alongside some of the industry’s most advanced technologies. This includes our fleet of autonomous mobile robots, sophisticated control software, and technologies like language perception, machine learning, object recognition, and semantic understanding of commands. These technologies help employees deliver an ever-improving customer and employee experience, as well as improve the safety of our facilities. Explore opportunities across the entire Fulfillment Technologies & Robotics team to find the right fit for you.

Pitney Bowes

cb pitneybowes.com

Pitney Bowes is a technology-driven company that provides digital shipping solutions, mailing innovation, and financial services to clients around the world – including more than 90 percent of the Fortune 500. Small businesses to large enterprises, and government entities rely on Pitney Bowes to reduce the complexity of sending mail and parcels.

Microsoft

microsoft.com

Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. Because impact matters. Microsoft operates in 190 countries and is made up of approximately 228,000 passionate employees worldwide.

Expedia Group

expediagroup.com

At Expedia Group (NASDAQ: EXPE), we believe travel is a force for good – it opens minds, builds connections, and bridges divides. We create transformative tech that enables unforgettable experiences for all travelers, everywhere. Our trusted family of brands are known and loved by millions, and we power more trips than anyone else. To learn more about our vision of a more open world through travel, visit www.expediagroup.com. We’re committed to providing an inclusive and accessible recruiting experience for candidates with disabilities, or other physical or mental health conditions. If you require an accommodation or adjustment for any part of the application or recruitment process, please let us know by completing our Accommodation Request Form or contacting your recruiter. Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident about who they are. We do not send job offers via email, or any other messaging tools, to individuals we have not had prior contact with. Our email domain is @expediagroup.com. Our official careers website, where you can to find and apply for job openings, is careers.expediagroup.com/jobs. If you require customer service support to cancel, change or ask about a refund for your trip, you can connect with our 24/7 Virtual Agent through the following links: Expedia: https://www.expedia.com/helpcenter Hotels.com: https://service.hotels.com/en-us/ Vrbo: https://help.vrbo.com/ For additional assistance, direct message us on Twitter @ExpediaHelp with your itinerary number and email address: https://twitter.com/ExpediaHelp

Amazon

cb aboutamazon.com

Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. We are driven by the excitement of building technologies, inventing products, and providing services that change lives. We embrace new ways of doing things, make decisions quickly, and are not afraid to fail. We have the scope and capabilities of a large company, and the spirit and heart of a small one. Together, Amazonians research and develop new technologies from Amazon Web Services to Alexa on behalf of our customers: shoppers, sellers, content creators, and developers around the world. Our mission is to be Earth's most customer-centric company. Our actions, goals, projects, programs, and inventions begin and end with the customer top of mind. You'll also hear us say that at Amazon, it's always "Day 1." What do we mean? That our approach remains the same as it was on Amazon's very first day - to make smart, fast decisions, stay nimble, invent, and focus on delighting our customers.

bigbasket

cb bigbasket.com

Starting our journey in 2011, today, bigbasket - a Tata Enterprise is India’s largest online supermarket with over 13 million customers and a presence in 60+ cities & towns. With our presence spanning the entire spectrum of consumer needs, we operate through a range of business lines - bigbasket, bbnow, bbinstant, bbdaily, fresho, bbmandi, and bbsaathi. We offer convenience by making grocery shopping easy for customers while enhancing their experience. With more than 47,000 employees, we are a proud & growing bigbasket family. With our businesses scaling, we are keen on working with the best talent in the industry. Every bigbasketeer embodies the ‘Spirit of bb’ that defines our work ethos. We believe in nurturing a people-first environment where the health and well-being of our employees are always prioritised. Fostering bigbasket’s value system, we encourage humility, transparency, integrity, and respect amongst each other to create an elevated work culture. At bigbasket, we empower every bigbasketeer with responsibility and ownership in everything they do. Being a customer-centric organisation, we operate with a maniacal focus on customers ensuring we always deliver our best. bigbasket has been proudly certified as a Great Place to Work, and Great Place to Work for Women. Our business model is designed to create opportunities for our country’s gig economy. We have achieved the highest ranking in the Fairwork India Ratings for Gig Workers. Through our DEI initiative – Aarambh, we foster Diversity, Equity, & Inclusion driving a workplace where everybody feels welcomed. Alongside this, we take conscious and proactive measures towards curtailing our impact on the environment. Our electric vehicles delivery fleet and solar panel equipped warehouses help us minimize carbon emissions. By promoting organic farming, we encourage fresh farm produce contributing to good land and soil health. #JoinTheSquad and be a part of our growth story!

Loading…

NEWS

DiDi CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 10, 2026 08:00 AM

What Minimum Viable Cybersecurity Really Looks Like for K–12 Districts

As ransomware and phishing attacks grow more sophisticated, districts can't rely on perimeter defenses alone. Here's what experts say the...

Read Article

September 10, 2025 07:00 AM

DiDi Global's $740 Million IPO Settlement Likely Ready Next Month, Plaintiffs' Lawyer Says

NEW YORK (Reuters) - DiDi Global's $740 million settlement of a lawsuit claiming it defrauded investors in connection with its initial...

Read Article

January 17, 2023 08:00 AM

Regulators’ Trust Refueled, Gets DiDi (DIDIY) on the Road Once Again

Ride-hailing company DiDi Global (DIDIY) has received approval from China's cybersecurity regulator to resume new user registrations following a ban that...

Read Article

January 16, 2023 08:00 AM

Didi Wins Approval to Restart New User Registration for Ride-Hailing Service

Move comes a year and a half after ride-hailing giant was targeted in a cybersecurity probe by Chinese authorities.

Read Article

August 05, 2022 07:00 AM

The CAC is Coming: Didi Chuxing Fined a Record-breaking USD 1.2 Billion for Breach of Data Protection Regulations

Didi Chuxing (Didi) was fined RMB 8.026 billion (approx. USD 1.2 billion) on 21 July 2022, more than a year after the Cyberspace Administration of China (CAC)...

Read Article

August 02, 2022 07:00 AM

Didi Cybersecurity Review - Which Laws did Didi Break?

Which regulations did Didi break? According to the CAC's announcement released on July 21, 2022 the investigation found that Didi had violated...

Read Article

July 28, 2022 07:00 AM

Cyberspace Administration of China Issues Statement on Didi’s $1.2B Fines for Cybersecurity Law Violations

The statement revealed more details regarding CAC's basis for its penalty decision. It stated that Didi committed 16 offenses, which appeared to...

Read Article

July 25, 2022 07:00 AM

China imposes $1.7bn fine on DiDi app for data breach incidents

Chinese ride-hailing firm Didi Global has been fined 8 billion yuan (AU$1.7 billion) by the Cyberspace Administration of China (CAC).

Read Article

July 22, 2022 07:00 AM

A timeline of Didi and its year-long cybersecurity investigation

Share this: ... China's year-long, once seemingly never-ending investigation into Didi finally reached a conclusion on Thursday, with authorities...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-54236

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo str(exc) directly to clients without calling sanitize_message. The unsanitized sites include the Anthropic API router in vllm/entrypoints/anthropic/api_router.py (the POST /v1/messages and POST /v1/messages/count_tokens handlers), the Server-Sent Events streaming converter in vllm/entrypoints/anthropic/serving.py, and the realtime speech-to-text WebSocket in vllm/entrypoints/speech_to_text/realtime/connection.py. These paths catch the exception inside the route coroutine and construct the JSONResponse themselves, bypassing the sanitizing global FastAPI exception handler, and WebSocket frames do not traverse that handler chain at all. Using the same primitive as the parent issue, an unauthenticated attacker can send malformed image bytes through the Anthropic Messages API image content parts so that PIL.Image.open raises an UnidentifiedImageError whose message contains the BytesIO object repr, leaking the heap memory address verbatim in the error.message field of the response body. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 5.3)

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

3.9

REFERENCES

CVE-2026-54235

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-54233

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.8

REFERENCES

CVE-2026-54232

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index (flashinfer.ai/whl/) using --extra-index-url, but the package name was not registered on PyPI, and UV_INDEX_STRATEGY="unsafe-best-match" is set globally. An attacker who registers flashinfer-jit-cache on PyPI with version 0.6.11.post2 can execute arbitrary code as root during the Docker build and backdoor every resulting container image, enabling exfiltration of all user prompts, API credentials, and model data from production vLLM deployments This vulnerability is fixed in 0.22.1.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/vllm-project/vllm/security/advisories/GHSA-jrf6-vqxq-pjv2

CVE-2026-53923

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/gguf_kernel.cu) causes partial tensor processing. The output tensor is allocated at full size via torch::empty (uninitialized memory), but the dequantize CUDA kernel processes only a truncated number of elements. The unfilled portion of the output tensor retains whatever was previously in GPU memory. In multi-tenant inference deployments, this residual GPU memory may contain tensor data from other users' inference requests, constituting information disclosure. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 5.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…