Discover
Company Details
Linkedin ID:
discover-financial-services
Website:
Employees number:
21,528
Number of followers:
227,086
NAICS:
52
Industry Type:
Homepage:
discover.com
IP Addresses:
184
Company ID:
DIS_6618111
Scan Status:
Completed
Discover Company CyberSecurity Posture
discover.com
Discover® is now part of Capital One. Together, we’ll continue to deliver exceptional financial products and experiences, drive innovation, and serve customers. Find the latest updates at https://capitalonediscover.com. Discover is one of the most recognized brands in the U.S. with the Discover® card, America's cash rewards pioneer, and offers personal loans, home loans, checking and savings accounts and certificates of deposit. The Discover Global Network® is comprised of Discover Network, with millions of merchants and cash access locations; PULSE®, one of the nation's leading ATM/debit networks; and Diners Club International®, a global payments network with acceptance around the world.
Discover A.I CyberSecurity Scoring
Discover Risk Score (AI oriented)Between 650 and 699
Discover
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Discover Global Score (TPRM)XXXX
Discover
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Discover Company CyberSecurity News & History
Past Incidents
35
Attack Types
2
Discover Financial Services
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Office of the Attorney General disclosed a **data breach incident** involving **Discover Financial Services** in November 2013. The breach notification suggested that **account information may have been compromised**, though no evidence of unauthorized access was confirmed. The exact date of the breach remains undisclosed, leaving uncertainty about the scope of exposure. While the incident raised concerns over potential financial data exposure—such as credit card details or account credentials—there was no confirmation of actual theft or misuse. The lack of verified unauthorized access implies that the breach may have been contained before significant harm occurred, but the risk of exposure persisted. The incident underscores vulnerabilities in financial data protection, even when no direct financial or reputational damage was immediately observable. Discover Financial Services likely initiated investigations and mitigation measures, though public details on corrective actions remain limited.
Discover Financial Services
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on June 17, 2016. The breach did not involve Discover card systems, and the specific number of individuals affected and details on the types of information compromised remain unknown.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 20, 2016. The breach occurred on June 19, 2014, potentially affecting Discover card account information, though the exact number of affected individuals is unknown. The breach did not involve Discover's systems directly and led to the issuance of new cards with updated security features.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on September 4, 2016, and involved Discover card account information, although specific details about the data compromised are unclear.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach incident involving Discover Financial Services on August 17, 2012. The breach did not involve any Discover card systems and there is no evidence of unauthorized use of the account numbers; however, customers were advised that their account information may have been compromised, leading to the issuance of new cards.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on February 20, 2017. The breach occurred on November 2, 2014, potentially exposing Discover card account information. The specific number of individuals affected is unknown.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on January 18, 2013. The breach involved compromised Discover card account information, although no specifics on the method of breach or the number of affected individuals were provided.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on January 25, 2019. The breach occurred on August 13, 2018, and involved Discover card account information, although the specific types of data exposed are unknown. Affected individuals were issued new cards as a precaution against potential fraud.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 20, 2016. The breach occurred on July 31, 2015, and affected Discover card account information. The specific details about the number of individuals impacted and types of information compromised are unknown. This breach highlights the vulnerability of financial institutions to cyber threats and the potential for significant financial and reputational damage.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on August 10, 2016, potentially affecting Discover card account information, though the specific types of compromised information are unknown. This incident highlights the vulnerability of financial institutions to cyber threats and the importance of robust security measures to protect sensitive customer data.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on October 22, 2014, and involved Discover card account information, although the specific types of information compromised are unclear. The organization responded by issuing new cards to reduce the possibility of fraud.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on June 25, 2018. The breach occurred on July 16, 2017, potentially exposing Discover card account information, though specific types of data involved are unknown. This incident highlights the vulnerability of financial institutions to cyber threats and the importance of robust security measures to protect sensitive customer information.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on March 21, 2016. The breach occurred on February 19, 2014, and affected Discover card account information, although the specific types of compromised data remain unclear.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on May 24, 2013. The specific date of the breach is not available, and no details regarding the number of individuals affected or the types of information compromised were provided. This breach highlights the potential vulnerabilities in financial services and the importance of robust cybersecurity measures to protect sensitive information.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on October 26, 2016, which occurred on May 4, 2014. The breach potentially exposed Discover card account information, but the exact types of data compromised are unknown. A new card with a new security code and expiration date was issued as a response to the breach.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on October 26, 2016. The breach occurred on March 2, 2015, potentially affecting Discover card account information, though the specifics of the data compromised are unclear.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Attorney General reported on October 19, 2017, that Discover Financial Services experienced a data breach on April 27, 2017. The breach involved Discover card account information, although the specific details of the compromised data are unclear. This incident highlights the vulnerability of financial institutions to cyber threats and the potential for significant financial and reputational damage.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach at Discover Financial Services on June 17, 2016. The breach, which occurred on January 1, 2014, involved Discover card account information. The specific number of individuals affected and the exact data compromised remain unknown. This incident highlights the potential risks associated with financial data breaches, where sensitive information such as account details could be exposed, leading to financial losses and reputational damage.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on April 10, 2014, with the breach being reported on June 26, 2015. The breach involved the potential compromise of card account information, but no specific number of individuals affected or exact types of information compromised were provided.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on August 2, 2015, and the breach was reported on March 21, 2016. The breach involved Discover card account information, though specific details about the types of information compromised and the number of affected individuals are unclear.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on January 2, 2016, with the breach notification reported on February 20, 2017. The breach involved Discover card account information, although the specific data compromised is unknown at this time.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on June 21, 2015, and reported the incident on September 23, 2016. The data involved was Discover card account information, but the specific types of data compromised are unknown. To mitigate risk, Discover is issuing new cards to affected users.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on October 27, 2015, with the report published on September 23, 2016. The breach involved Discover card account information, but specific details about the number of affected individuals and the method of breach are unclear.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The Maine Office of the Attorney General reported that Discover Financial Services experienced a data breach due to an inadvertent disclosure, affecting 690 individuals, with 2 residents specifically impacted. The breach occurred between September 29, 2020 and November 15, 2020, and was reported on December 17, 2020.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General disclosed a **data breach** affecting **Discover Financial Services** in May 2017, though the incident itself occurred on **November 24, 2015**. The breach involved potential exposure of **account information**, though the exact nature of the compromised data—such as whether it included full financial details, personal identifiers, or transaction histories—was not specified. While no immediate evidence suggested large-scale fraud or identity theft, the lack of clarity on the scope of the breach raised concerns about unauthorized access to sensitive customer records.The delay in reporting (over **18 months**) further compounded risks, as affected individuals may have remained unaware of potential vulnerabilities in their accounts. Discover Financial Services, a major credit card issuer and payment processor, faced scrutiny over its data protection measures, particularly given the prolonged gap between the breach and public disclosure. Although no direct financial losses or systemic disruptions were confirmed, the incident highlighted gaps in timely breach notification and transparency, potentially eroding customer trust and exposing the company to regulatory penalties under data protection laws.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported a data breach notification from Discover Financial Services on December 20, 2013. The specific date of the breach is not available, and there were 2 cards affected. The notification indicated that account information may have been compromised but did not involve any Discover card systems. The details about the compromised information and specific response actions were limited.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: On October 17, 2013, the California Office of the Attorney General disclosed a data breach affecting **Discover Financial Services**. The incident involved the potential compromise of account information for **two credit cards**, though no evidence of unauthorized use or fraudulent activity was reported. The exact method of the breach (e.g., cyber attack, insider threat, or system vulnerability) and the full scope of affected individuals remained undisclosed. While the exposure was limited to a minimal number of accounts, the incident prompted regulatory notification due to the sensitivity of financial data. The lack of confirmed misuse suggested containment, but the breach still posed reputational risks and operational scrutiny for Discover. No further details were provided on whether the compromise stemmed from external hacking, internal negligence, or a technical flaw in their systems.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: On January 2, 2018, **Discover Financial Services** experienced a data breach reported by the California Office of the Attorney General on July 18, 2018. The incident involved unauthorized access to **Discover card account information**, though the exact scope of the compromised data—such as whether it included card numbers, expiration dates, CVV codes, or customer identities—was not publicly disclosed. The breach raised concerns over potential financial fraud, identity theft, or misuse of payment details, as card-related data is a prime target for cybercriminals. While no immediate evidence suggested large-scale exploitation, the exposure of such sensitive financial information posed risks to both the company’s reputation and its customers’ trust. Discover likely faced regulatory scrutiny, potential fines, and the need for enhanced security measures to mitigate future risks. Customers may have been advised to monitor their accounts for suspicious activity, though the long-term impact on affected individuals remained uncertain due to the lack of transparency regarding the breach’s specifics.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach involving Discover card accounts on June 23, 2017. The breach occurred on July 1, 2014, and affected undisclosed numbers of individuals, with potential exposure of Discover card account information.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General disclosed a data breach affecting **Discover Financial Services** in June 2023, though the incident itself occurred on **September 11, 2014**. The breach involved unauthorized exposure of **Discover card account information**, though the exact types of compromised data—such as card numbers, expiration dates, CVV codes, or customer identities—were not publicly specified. While no immediate evidence suggested large-scale fraud or misuse of the exposed data, the incident raised concerns over potential financial fraud, identity theft, or phishing attacks targeting affected cardholders. The delayed disclosure (nearly **nine years** after the breach) further amplified scrutiny over Discover’s data protection practices and regulatory compliance. The lack of clarity on the scope of stolen data left customers uncertain about their exposure to risks, though no widespread financial harm was reported at the time of the announcement.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General disclosed a data breach affecting **Discover Financial Services**, which occurred on **May 1, 2015**, but was reported only on **November 21, 2017**. The incident involved unauthorized access to **Discover card account information**, though the exact scope of the compromised data—such as whether it included card numbers, customer names, or transaction details—remained undisclosed. The delay in reporting (over **two and a half years**) raised concerns about transparency and compliance with breach notification laws. While no explicit evidence suggested large-scale fraud or identity theft stemming from the breach, the exposure of financial account data posed risks such as **potential fraudulent transactions, phishing attacks targeting cardholders, or misuse of payment details**. The lack of clarity on the extent of the breach further complicated risk assessments for affected customers. Discover likely faced **reputational damage** due to the incident and the prolonged delay in disclosure, which could erode trust among consumers and regulators. The breach underscored vulnerabilities in payment system security and the importance of timely incident response.
Discover Financial Services
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General disclosed a data breach affecting **Discover Financial Services**, which occurred on **February 26, 2016**, but was reported only in **November 2018**. The incident involved unauthorized access to **Discover card account information**, though the exact nature and extent of the compromised data—such as card numbers, expiration dates, or CVV codes—remained unspecified. While there was no explicit confirmation of data theft, the company took precautionary measures by **reissuing new cards** to impacted customers to mitigate potential fraud risks. The breach raised concerns over the **delayed detection and disclosure** (over **two years**), which could have prolonged exposure to fraudulent activities. Although no immediate financial losses or large-scale fraud were publicly documented, the incident highlighted vulnerabilities in Discover’s data security protocols. The lack of clarity on the stolen data also left customers uncertain about the full scope of the risk, potentially damaging trust in the company’s ability to safeguard sensitive financial information.
Discover Financial Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: On June 4, 2016, Discover Financial Services suffered a data breach reported by the California Attorney General on July 21, 2017. The incident involved unauthorized access to **Discover card account information**, though the exact scope of compromised data—such as whether full payment details, cardholder names, or additional personal identifiers were exposed—remained undisclosed. The breach raised concerns over potential financial fraud, identity theft, or misuse of customer payment data, given the sensitivity of credit card-related information. While no immediate evidence suggested large-scale exploitation, the exposure of such data inherently poses risks to customers’ financial security and the company’s reputation. Discover likely faced regulatory scrutiny, customer notifications, and potential remediation costs, including credit monitoring or fraud mitigation measures. The lack of transparency regarding the specific data types compromised further complicated risk assessments for affected individuals.
Discover Financial Services
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In April 2016, Discover Financial Services experienced a data breach that was publicly reported by the California Office of the Attorney General on June 23, 2017. The incident involved unauthorized access to **Discover card account information**, though the exact scope of the compromised data—such as whether it included card numbers, security codes, or personal details—was not disclosed. In response, Discover took remedial action by issuing **new cards with updated security codes and expiration dates** to affected customers. While the breach did not result in confirmed financial fraud or identity theft at the time of reporting, the exposure of payment card details posed a risk of potential misuse. The incident highlighted vulnerabilities in Discover’s data protection measures, necessitating proactive steps to mitigate harm to customers. The lack of transparency regarding the specific data compromised added uncertainty to the severity of the breach’s long-term impact on affected individuals.
Discover Financial Services
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: The California Office of the Attorney General disclosed a **data breach** involving **Discover Financial Services** on **May 25, 2012**. The incident centered on the **potential compromise of card account information**, prompting the company to issue **new cards to affected customers**. While the exact number of impacted individuals and the precise method of the breach (e.g., phishing, system intrusion, or third-party vulnerability) were **not publicly disclosed**, the exposure of payment card details posed a direct risk of **fraudulent transactions** and financial harm to customers.The breach underscored vulnerabilities in safeguarding **sensitive financial data**, though no evidence suggested broader systemic failures or large-scale identity theft beyond card-related fraud. The lack of transparency regarding the breach’s scope and origin further raised concerns about **reputational damage**, as customers and regulators questioned the company’s data protection measures. While no ransomware or large-scale data exfiltration (e.g., full customer profiles) was reported, the incident aligned with patterns of **financial cybercrime**, where attackers exploit weaknesses to access payment systems or transactional data.Discover’s response—proactively replacing compromised cards—mitigated immediate risks but highlighted the persistent threat of **cyber attacks targeting financial institutions**, where even limited exposures can erode trust and incur operational costs (e.g., card reissuance, fraud monitoring).
Discover Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Discover
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Discover in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Discover in 2025.
Incident Types Discover vs Financial Services Industry Avg (This Year)
No incidents recorded for Discover in 2025.
Incident History — Discover (X = Date, Y = Severity)
Discover cyber incidents detection timeline including parent company and subsidiaries
Discover Company Subsidiaries
Discover® is now part of Capital One. Together, we’ll continue to deliver exceptional financial products and experiences, drive innovation, and serve customers. Find the latest updates at https://capitalonediscover.com. Discover is one of the most recognized brands in the U.S. with the Discover® card, America's cash rewards pioneer, and offers personal loans, home loans, checking and savings accounts and certificates of deposit. The Discover Global Network® is comprised of Discover Network, with millions of merchants and cash access locations; PULSE®, one of the nation's leading ATM/debit networks; and Diners Club International®, a global payments network with acceptance around the world.
Loading...
Discover Similar Companies
Global Payments (NYSE : GPN) helps businesses around the world enable commerce and provide exceptional experiences to their customers. Our payment technology and software solutions enable merchants and developers to deliver seamless customer experiences, run smarter operations and adapt quickly to c
SONAE
Sonae exists to create a lasting positive impact on businesses, people, communities and on the planet. Managing a diverse portfolio of businesses in retail, financial services, technology, investments, shopping centres and telecommunications, Sonae makes the most of its expertise and pushes itself
At Equifax (NYSE: EFX), we believe knowledge drives progress. As a global data, analytics, and technology company, we play an essential role in the global economy by helping financial institutions, companies, employers, and government agencies make critical decisions with greater confidence. Our uni
Aditya Birla Capital Ltd is a financial services company based out of One World Center, Tower 1, 18th Floor, Jupiter Mills Compound, 841, Senapati Bapat Marg, Elphinstone Road, MUMBAI, India. - Aditya Birla Capital is committed to provide equal opportunity to all in employment and prohibits discrim
We aspire to be the world’s most exceptional financial institution, united by our shared values of partnership, client service, integrity, and excellence. Operating at the center of capital markets, we act as one firm, mobilizing our people, capital, and ideas to deliver superior results across ou
At State Street, we partner with institutional investors all over the world to provide comprehensive financial services, including investment management, investment research and trading, and investment servicing. Whether you are an asset manager, asset owner, alternative asset manager, insurance com
HDB Financial Services (HDBFS) is a leading Non-Banking Financial Company (NBFC) that caters to the growing needs of an Aspirational India, serving both Individual & Business Clients The lines of business include - Lending and BPO Services. Incorporated in 2007, HDB is a well-established business wi
SM Investments
SM Investments Corporation is a leading Philippine company that is invested in market-leading businesses in retail, banking, and property. It also invests in ventures that capture high growth opportunities in the emerging Philippine economy. SM’s retail operations are the country’s largest and most
Nationale-Nederlanden
NN Group is an international financial services company, active in 10 countries, with a strong presence in a number of European countries and Japan. Our roots lie in the Netherlands, with a rich history of more than 175 years. With our 15,000 employees, NN Group provides retirement services, pensio
.png)
Discover CyberSecurity News
November 20, 2025 09:27 AM
Urgent warning to WhatsApp users as cybersecurity experts discover a vulnerability allowing access to 3.5 BILLION profiles
Researchers say that a simple weakness allowed them to access 3.5 billion profiles on the Meta-owned messaging app.
November 19, 2025 04:00 PM
Cybersecurity experts discover 20 apps skimming your digital wallet: 'Delete NOW'
Cybersecurity experts are warning that millions of people could be at risk of having their digital wallets emptied permanently unless they delete several...
November 03, 2025 08:00 AM
Urgent warning to Brits as cybersecurity experts discover 1,800 stolen bank cards for sale on the dark web for as little as £6.27
Urgent warning to Brits as cybersecurity experts discover 1,800 stolen bank cards for sale on the dark web for as little as £6.27 ... More than...
October 29, 2025 05:26 PM
Trinity College Students Explore Cybersecurity at CEN Cyber Nutmeg Conference
The Cyber Nutmeg Conference is a fantastic way for our students to see how the concepts they learn in the classroom are applied in real-world cybersecurity...
October 27, 2025 07:00 AM
Eleven UK Companies Explore Cybersecurity Opportunities in Indonesia
Eleven UK Companies Explore Cybersecurity Opportunities in Indonesia ... TEMPO.CO, Jakarta - The UK government launched a cybersecurity trade...
October 10, 2025 07:00 AM
CIDC-2025 participants explore cybersecurity exhibition in Baku
CIDC-2025 participants explore cybersecurity exhibition in Baku ... On the second day of the international cyber festival Critical Infrastructure...
October 07, 2025 07:00 AM
Discover 3 cybersecurity platforms advancing predictive intelligence, AI governance, and open source remediation on .Security domains
Discover 3 cybersecurity platforms advancing predictive intelligence, AI governance, and open source remediation on .Security domains.
August 26, 2025 07:00 AM
The first AI-powered ransomware has been discovered — "PromptLock" uses local AI to foil heuristic detection and evade API tracking [Updated]
Security firm ESET has discovered a new type of ransomware that uses a local AI model to generate malicious scripts and perform other...
August 20, 2025 07:00 AM
Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts
Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Discover CyberSecurity History Information
Official Website of Discover
The official website of Discover is http://www.discover.com.
Discover’s AI-Generated Cybersecurity Score
According to Rankiteo, Discover’s AI-generated cybersecurity score is 658, reflecting their Weak security posture.
How many security badges does Discover’ have ?
According to Rankiteo, Discover currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Discover have SOC 2 Type 1 certification ?
According to Rankiteo, Discover is not certified under SOC 2 Type 1.
Does Discover have SOC 2 Type 2 certification ?
According to Rankiteo, Discover does not hold a SOC 2 Type 2 certification.
Does Discover comply with GDPR ?
According to Rankiteo, Discover is not listed as GDPR compliant.
Does Discover have PCI DSS certification ?
According to Rankiteo, Discover does not currently maintain PCI DSS compliance.
Does Discover comply with HIPAA ?
According to Rankiteo, Discover is not compliant with HIPAA regulations.
Does Discover have ISO 27001 certification ?
According to Rankiteo,Discover is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Discover
Discover operates primarily in the Financial Services industry.
Number of Employees at Discover
Discover employs approximately 21,528 people worldwide.
Subsidiaries Owned by Discover
Discover presently has no subsidiaries across any sectors.
Discover’s LinkedIn Followers
Discover’s official LinkedIn profile has approximately 227,086 followers.
NAICS Classification of Discover
Discover is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Discover’s Presence on Crunchbase
No, Discover does not have a profile on Crunchbase.
Discover’s Presence on LinkedIn
Yes, Discover maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/discover-financial-services.
Cybersecurity Incidents Involving Discover
As of November 27, 2025, Rankiteo reports that Discover has experienced 35 cybersecurity incidents.
Number of Peer and Competitor Companies
Discover has an estimated 29,540 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Discover ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
How does Discover detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with issuance of new cards, and communication strategy with advised customers of potential compromise, and remediation measures with issued new cards to affected individuals, and remediation measures with issuing new cards, and remediation measures with issued new cards with new security codes and expiration dates, and remediation measures with issuing new cards to affected users, and remediation measures with issuance of new cards with updated security features, and communication strategy with notification letter sent to affected parties via the california office of the attorney general, and and remediation measures with issuance of new cards with updated security codes and expiration dates to affected customers, and communication strategy with public disclosure via california office of the attorney general, and remediation measures with issuing new cards to affected individuals, and law enforcement notified with california office of the attorney general, and remediation measures with customers issued new cards, and law enforcement notified with yes (california office of the attorney general)..
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on June 17, 2016. The breach did not involve Discover card systems, and the specific number of individuals affected and details on the types of information compromised remain unknown.
Date Publicly Disclosed: 2016-06-17
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on October 27, 2015, with the report published on September 23, 2016. The breach involved Discover card account information, but specific details about the number of affected individuals and the method of breach are unclear.
Date Detected: 2015-10-27
Date Publicly Disclosed: 2016-09-23
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach incident involving Discover Financial Services on August 17, 2012. The breach did not involve any Discover card systems and there is no evidence of unauthorized use of the account numbers; however, customers were advised that their account information may have been compromised, leading to the issuance of new cards.
Date Detected: 2012-08-17
Date Publicly Disclosed: 2012-08-17
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on January 25, 2019. The breach occurred on August 13, 2018, and involved Discover card account information, although the specific types of data exposed are unknown. Affected individuals were issued new cards as a precaution against potential fraud.
Date Detected: 2019-01-25
Date Publicly Disclosed: 2019-01-25
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach notification from Discover Financial Services on December 20, 2013. The specific date of the breach is not available, and there were 2 cards affected. The notification indicated that account information may have been compromised but did not involve any Discover card systems. The details about the compromised information and specific response actions were limited.
Date Publicly Disclosed: 2013-12-20
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on October 22, 2014, and involved Discover card account information, although the specific types of information compromised are unclear. The organization responded by issuing new cards to reduce the possibility of fraud.
Date Detected: 2017-07-21
Date Publicly Disclosed: 2017-07-21
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on June 25, 2018. The breach occurred on July 16, 2017, potentially exposing Discover card account information, though specific types of data involved are unknown.
Date Detected: 2018-06-25
Date Publicly Disclosed: 2018-06-25
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on October 26, 2016, which occurred on May 4, 2014. The breach potentially exposed Discover card account information, but the exact types of data compromised are unknown. A new card with a new security code and expiration date was issued as a response to the breach.
Date Detected: 2016-10-26
Date Publicly Disclosed: 2016-10-26
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on February 20, 2017. The breach occurred on November 2, 2014, potentially exposing Discover card account information. The specific number of individuals affected is unknown.
Date Detected: 2017-02-20
Date Publicly Disclosed: 2017-02-20
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on August 10, 2016, potentially affecting Discover card account information, though the specific types of compromised information are unknown.
Date Detected: 2017-07-21
Date Publicly Disclosed: 2017-07-21
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on June 21, 2015, and reported the incident on September 23, 2016. The data involved was Discover card account information, but the specific types of data compromised are unknown. To mitigate risk, Discover is issuing new cards to affected users.
Date Detected: 2015-06-21
Date Publicly Disclosed: 2016-09-23
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on January 18, 2013. The breach involved compromised Discover card account information, although no specifics on the method of breach or the number of affected individuals were provided.
Date Detected: 2013-01-18
Date Publicly Disclosed: 2013-01-18
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 20, 2016. The breach occurred on July 31, 2015, and affected Discover card account information, although specific details about the number of individuals impacted and types of information compromised are unknown.
Date Detected: 2016-07-20
Date Publicly Disclosed: 2016-07-20
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on March 21, 2016. The breach occurred on February 19, 2014, and affected Discover card account information, although the specific types of compromised data remain unclear.
Date Detected: 2016-03-21
Date Publicly Disclosed: 2016-03-21
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The Maine Office of the Attorney General reported that Discover Financial Services experienced a data breach due to an inadvertent disclosure, affecting 690 individuals, with 2 residents specifically impacted.
Date Publicly Disclosed: 2020-12-17
Type: Data Breach
Attack Vector: Inadvertent Disclosure
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on October 26, 2016. The breach occurred on March 2, 2015, potentially affecting Discover card account information, though the specifics of the data compromised are unclear.
Date Detected: 2016-10-26
Date Publicly Disclosed: 2016-10-26
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Attorney General reported a data breach involving Discover Financial Services on July 21, 2017. The breach occurred on September 4, 2016, and involved Discover card account information, although specific details about the data compromised are unclear.
Date Detected: 2017-07-21
Date Publicly Disclosed: 2017-07-21
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on August 2, 2015, and the breach was reported on March 21, 2016. The breach involved Discover card account information, though specific details about the types of information compromised and the number of affected individuals are unclear.
Date Detected: 2015-08-02
Date Publicly Disclosed: 2016-03-21
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on April 10, 2014, with the breach being reported on June 26, 2015. The breach involved the potential compromise of card account information, but no specific number of individuals affected or exact types of information compromised were provided.
Date Detected: 2014-04-10
Date Publicly Disclosed: 2015-06-26
Type: Data Breach
Title: Data Breach Involving Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 20, 2016. The breach occurred on June 19, 2014, potentially affecting Discover card account information, though the exact number of affected individuals is unknown. The breach did not involve Discover's systems directly and led to the issuance of new cards with updated security features.
Date Detected: 2014-06-19
Date Publicly Disclosed: 2016-07-20
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach involving Discover card accounts on June 23, 2017. The breach occurred on July 1, 2014, and affected undisclosed numbers of individuals, with potential exposure of Discover card account information.
Date Detected: 2017-06-23
Date Publicly Disclosed: 2017-06-23
Type: Data Breach
Title: Data Breach at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on May 24, 2013. The specific date of the breach is not available, and no details regarding the number of individuals affected or the types of information compromised were provided.
Date Publicly Disclosed: 2013-05-24
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Attorney General reported on October 19, 2017, that Discover Financial Services experienced a data breach on April 27, 2017. The breach involved Discover card account information, although the specific details of the compromised data are unclear.
Date Detected: 2017-04-27
Date Publicly Disclosed: 2017-10-19
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach on January 2, 2016, with the breach notification reported on February 20, 2017. The breach involved Discover card account information, although the specific data compromised is unknown at this time.
Date Detected: 2016-01-02
Date Publicly Disclosed: 2017-02-20
Type: Data Breach
Title: Discover Financial Services Data Breach
Description: The California Office of the Attorney General reported that Discover Financial Services experienced a data breach involving Discover card account information on June 17, 2016. The breach occurred on January 1, 2014; however, the specific number of individuals affected is unknown, and it is unclear which specific data may have been compromised.
Date Detected: 2016-06-17
Date Publicly Disclosed: 2016-06-17
Type: Data Breach
Title: Discover Financial Services Data Breach (2015)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services. The breach occurred on November 24, 2015, potentially affecting account information, although the specific types of data compromised remain unclear.
Date Publicly Disclosed: 2017-05-17
Type: Data Breach
Title: Data Breach at Discover Financial Services (2013)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on October 17, 2013. A notification letter indicated that account information for two cards may have been compromised, but there was no evidence of unauthorized use. Specific details on the method of breach and the number of individuals affected were not disclosed.
Date Publicly Disclosed: 2013-10-17
Type: Data Breach
Title: Discover Financial Services Data Breach (2015)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services. The breach occurred on May 1, 2015, and involved Discover card account information, though specific details on the data compromised are unclear.
Date Publicly Disclosed: 2017-11-21
Type: Data Breach
Title: Discover Financial Services Data Breach (2016)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services. The breach occurred on April 5, 2016, and involved Discover card account information, though specific details about what data was compromised are unknown. As a response, new cards with new security codes and expiration dates were issued to affected customers.
Date Publicly Disclosed: 2017-06-23
Type: Data Breach
Title: Discover Financial Services Data Breach (2014)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on June 23, 2017. The breach occurred on September 11, 2014, potentially exposing Discover card account information, though specific types of data stolen remain unknown.
Date Publicly Disclosed: 2017-06-23
Type: Data Breach
Title: Data Breach Incident at Discover Financial Services
Description: The California Office of the Attorney General reported a data breach incident involving Discover Financial Services on November 18, 2013. The notification indicates that account information may have been compromised, but no unauthorized access was confirmed, and the specific breach date is not available.
Date Publicly Disclosed: 2013-11-18
Type: Data Breach
Title: Discover Financial Services Data Breach (2016)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services. The breach occurred on February 26, 2016, and involved Discover card account information, though the specific data that may have been stolen is unclear. The company is issuing new cards to affected individuals as a precautionary measure.
Date Publicly Disclosed: 2018-11-21
Type: Data Breach
Title: Discover Financial Services Data Breach (2012)
Description: The California Office of the Attorney General reported a data breach notification from Discover Financial Services on May 25, 2012. The breach involved a potential compromise of card account information, leading to customers being issued new cards; specific numbers of affected individuals and the exact method of breach were not provided.
Date Publicly Disclosed: 2012-05-25
Type: Data Breach
Title: Discover Financial Services Data Breach (2016)
Description: The California Attorney General reported that Discover Financial Services experienced a data breach involving Discover card account information. Specific details on the types of data compromised remain unclear.
Date Publicly Disclosed: 2017-07-21
Type: Data Breach
Title: Data Breach at Discover Financial Services (2018)
Description: The California Office of the Attorney General reported a data breach involving Discover Financial Services on July 18, 2018, which occurred on January 2, 2018. The breach involved Discover card account information, though the specific details of which data were compromised remain unclear.
Date Detected: 2018-01-02
Date Publicly Disclosed: 2018-07-18
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach DIS714072525
Data Compromised: Discover card account information
Incident : Data Breach DIS114072525
Data Compromised: Account information
Incident : Data Breach DIS406072525
Data Compromised: Discover card account information
Incident : Data Breach DIS005072625
Data Compromised: Account Information
Incident : Data Breach DIS014072625
Data Compromised: Discover card account information
Incident : Data Breach DIS323072625
Data Compromised: Discover card account information
Incident : Data Breach DIS547072625
Data Compromised: Discover card account information
Incident : Data Breach DIS737072625
Data Compromised: Discover card account information
Incident : Data Breach DIS1018072625
Data Compromised: Discover card account information
Incident : Data Breach DIS145072725
Data Compromised: Discover card account information
Incident : Data Breach DIS521072725
Data Compromised: Discover card account information
Incident : Data Breach DIS851072725
Data Compromised: Discover card account information
Incident : Data Breach DIS954072725
Data Compromised: Discover card account information
Incident : Data Breach DIS913072825
Data Compromised: Discover card account information
Incident : Data Breach DIS822072825
Data Compromised: Discover card account information
Incident : Data Breach DIS929072825
Data Compromised: Discover card account information
Incident : Data Breach DIS227072825
Data Compromised: Card account information
Incident : Data Breach DIS232072825
Data Compromised: Discover card account information
Incident : Data Breach DIS037072925
Data Compromised: Discover card account information
Incident : Data Breach DIS257072925
Data Compromised: Discover card account information
Incident : Data Breach DIS818080425
Data Compromised: Discover card account information
Incident : Data Breach DIS743082025
Data Compromised: Account information (unspecified)
Incident : Data Breach DIS023090625
Data Compromised: Account information for two cards
Payment Information Risk: Potential (no evidence of unauthorized use)
Incident : Data Breach DIS034090625
Data Compromised: Discover card account information
Payment Information Risk: Potential (details unclear)
Incident : Data Breach DIS041090625
Payment Information Risk: True
Incident : Data Breach DIS1011090725
Payment Information Risk: True
Incident : Data Breach DIS954091725
Data Compromised: Account information (potentially)
Payment Information Risk: Potential (account information)
Incident : Data Breach DIS1008091725
Data Compromised: Discover card account information
Identity Theft Risk: Potential (unclear specifics)
Payment Information Risk: Potential (unclear specifics)
Incident : Data Breach DIS546091725
Data Compromised: Card account information
Operational Impact: Customers issued new cards
Payment Information Risk: Potential compromise of card account information
Incident : Data Breach DIS016091825
Data Compromised: Discover card account information
Payment Information Risk: Potential (unclear specifics)
Incident : Data Breach DIS027091825
Data Compromised: Discover card account information
Payment Information Risk: Potential (details unclear)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Discover Card Account Information, , Account Information, , Discover Card Account Information, , Account Information, Discover Card Account Information, , Discover Card Account Information, , Discover Card Account Information, , Discover card account information, Discover Card Account Information, , Discover card account information, Discover card account information, Discover Card Account Information, , Discover Card Account Information, , Discover card account information, Discover Card Account Information, , Discover Card Account Information, , Card Account Information, , Discover card account information, Discover Card Account Information, , Discover Card Account Information, , Discover card account information, Account information, Account information (credit/debit card details), Card Account Information, , Discover Card Account Information, , Discover Card Account Information, , Account information, Card Account Information, , Card account information, Discover Card Account Information, and Card account information.
Which entities were affected by each incident ?
Incident : Data Breach DIS121072425
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS714072525
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS114072525
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Location: California
Incident : Data Breach DIS406072525
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS005072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Customers Affected: 2
Incident : Data Breach DIS014072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS323072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS547072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS737072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS1018072625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS145072725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS521072725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS851072725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS954072725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS631072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Customers Affected: 690
Incident : Data Breach DIS913072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS822072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS929072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS227072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS232072825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS037072925
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS205072925
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS257072925
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS818080425
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS253080525
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach DIS743082025
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Financial
Location: United States (California)
Incident : Data Breach DIS023090625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Financial
Location: United States (California)
Incident : Data Breach DIS034090625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Financial
Location: United States (California)
Incident : Data Breach DIS041090625
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Credit Cards
Location: United States (California)
Incident : Data Breach DIS1011090725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Credit Cards
Location: United States (California)
Incident : Data Breach DIS954091725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Financial
Location: United States (California)
Incident : Data Breach DIS1008091725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Credit Cards
Location: United States (California)
Incident : Data Breach DIS546091725
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Credit Cards
Location: United States (California)
Incident : Data Breach DIS016091825
Entity Name: Discover Financial Services
Entity Type: Financial Institution
Industry: Financial Services
Location: United States (California)
Incident : Data Breach DIS027091825
Entity Name: Discover Financial Services
Entity Type: Financial Services
Industry: Banking/Financial
Location: United States (California)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach DIS114072525
Remediation Measures: Issuance of new cards
Communication Strategy: Advised customers of potential compromise
Incident : Data Breach DIS406072525
Remediation Measures: Issued new cards to affected individuals
Incident : Data Breach DIS014072625
Remediation Measures: Issuing new cards
Incident : Data Breach DIS547072625
Remediation Measures: Issued new cards with new security codes and expiration dates
Incident : Data Breach DIS145072725
Remediation Measures: Issuing new cards to affected users
Incident : Data Breach DIS232072825
Remediation Measures: Issuance of new cards with updated security features
Incident : Data Breach DIS023090625
Communication Strategy: Notification letter sent to affected parties via the California Office of the Attorney General
Incident : Data Breach DIS041090625
Remediation Measures: Issuance of new cards with updated security codes and expiration dates to affected customers
Incident : Data Breach DIS954091725
Communication Strategy: Public disclosure via California Office of the Attorney General
Incident : Data Breach DIS1008091725
Remediation Measures: Issuing new cards to affected individuals
Incident : Data Breach DIS546091725
Law Enforcement Notified: California Office of the Attorney General
Remediation Measures: Customers issued new cards
Incident : Data Breach DIS027091825
Law Enforcement Notified: Yes (California Office of the Attorney General)
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach DIS714072525
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS114072525
Type of Data Compromised: Account information
Incident : Data Breach DIS406072525
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS005072625
Type of Data Compromised: Account Information
Number of Records Exposed: 2
Incident : Data Breach DIS014072625
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS323072625
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS547072625
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS737072625
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS1018072625
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS145072725
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS521072725
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS851072725
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS954072725
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS631072825
Number of Records Exposed: 690
Incident : Data Breach DIS913072825
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS822072825
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS929072825
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS227072825
Type of Data Compromised: Card account information
Incident : Data Breach DIS232072825
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS037072925
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS257072925
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS818080425
Type of Data Compromised: Discover card account information
Incident : Data Breach DIS743082025
Type of Data Compromised: Account information
Incident : Data Breach DIS023090625
Type of Data Compromised: Account information (credit/debit card details)
Number of Records Exposed: 2
Sensitivity of Data: High (payment card data)
Incident : Data Breach DIS034090625
Type of Data Compromised: Card account information
Sensitivity of Data: High (financial)
Incident : Data Breach DIS041090625
Type of Data Compromised: Discover card account information
Sensitivity of Data: High (payment card data)
Incident : Data Breach DIS1011090725
Type of Data Compromised: Discover card account information
Sensitivity of Data: High (potential payment information)
Incident : Data Breach DIS954091725
Type of Data Compromised: Account information
Sensitivity of Data: Moderate (account-related)
Incident : Data Breach DIS1008091725
Type of Data Compromised: Card account information
Sensitivity of Data: High (payment-related)
Data Exfiltration: Unclear
Incident : Data Breach DIS546091725
Type of Data Compromised: Card account information
Sensitivity of Data: High (payment card data)
Incident : Data Breach DIS016091825
Type of Data Compromised: Discover card account information
Sensitivity of Data: High (financial)
Incident : Data Breach DIS027091825
Type of Data Compromised: Card account information
Sensitivity of Data: High (financial)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Issuance of new cards, , Issued new cards to affected individuals, , Issuing new cards, , Issued new cards with new security codes and expiration dates, , Issuing new cards to affected users, Issuance of new cards with updated security features, Issuance of new cards with updated security codes and expiration dates to affected customers, , Issuing new cards to affected individuals, , Customers issued new cards.
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach DIS743082025
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS023090625
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS034090625
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS041090625
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS1011090725
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS954091725
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS1008091725
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS546091725
Regulatory Notifications: California Office of the Attorney General
Incident : Data Breach DIS016091825
Regulatory Notifications: California Attorney General (2017-07-21)
Incident : Data Breach DIS027091825
Regulatory Notifications: California Office of the Attorney General
References
Where can I find more information about each incident ?
Incident : Data Breach DIS121072425
Source: California Office of the Attorney General
Incident : Data Breach DIS714072525
Source: California Office of the Attorney General
Date Accessed: 2016-09-23
Incident : Data Breach DIS114072525
Source: California Office of the Attorney General
Date Accessed: 2012-08-17
Incident : Data Breach DIS406072525
Source: California Office of the Attorney General
Date Accessed: 2019-01-25
Incident : Data Breach DIS005072625
Source: California Office of the Attorney General
Date Accessed: 2013-12-20
Incident : Data Breach DIS014072625
Source: California Office of the Attorney General
Date Accessed: 2017-07-21
Incident : Data Breach DIS323072625
Source: California Office of the Attorney General
Date Accessed: 2018-06-25
Incident : Data Breach DIS547072625
Source: California Office of the Attorney General
Date Accessed: 2016-10-26
Incident : Data Breach DIS737072625
Source: California Office of the Attorney General
Date Accessed: 2017-02-20
Incident : Data Breach DIS1018072625
Source: California Office of the Attorney General
Date Accessed: 2017-07-21
Incident : Data Breach DIS145072725
Source: California Office of the Attorney General
Incident : Data Breach DIS521072725
Source: California Office of the Attorney General
Date Accessed: 2013-01-18
Incident : Data Breach DIS851072725
Source: California Office of the Attorney General
Date Accessed: 2016-07-20
Incident : Data Breach DIS954072725
Source: California Office of the Attorney General
Date Accessed: 2016-03-21
Incident : Data Breach DIS631072825
Source: Maine Office of the Attorney General
Incident : Data Breach DIS913072825
Source: California Office of the Attorney General
Date Accessed: 2016-10-26
Incident : Data Breach DIS929072825
Source: California Office of the Attorney General
Incident : Data Breach DIS227072825
Source: California Office of the Attorney General
Incident : Data Breach DIS232072825
Source: California Office of the Attorney General
Incident : Data Breach DIS037072925
Source: California Office of the Attorney General
Incident : Data Breach DIS205072925
Source: California Office of the Attorney General
Date Accessed: 2013-05-24
Incident : Data Breach DIS818080425
Source: California Office of the Attorney General
Incident : Data Breach DIS253080525
Source: California Office of the Attorney General
Incident : Data Breach DIS743082025
Source: California Office of the Attorney General
Incident : Data Breach DIS023090625
Source: California Office of the Attorney General
Incident : Data Breach DIS034090625
Source: California Office of the Attorney General
Date Accessed: 2017-11-21
Incident : Data Breach DIS041090625
Source: California Office of the Attorney General
Date Accessed: 2017-06-23
Incident : Data Breach DIS1011090725
Source: California Office of the Attorney General
Date Accessed: 2017-06-23
Incident : Data Breach DIS954091725
Source: California Office of the Attorney General
Date Accessed: 2013-11-18
Incident : Data Breach DIS1008091725
Source: California Office of the Attorney General
Date Accessed: 2018-11-21
Incident : Data Breach DIS546091725
Source: California Office of the Attorney General
Date Accessed: 2012-05-25
Incident : Data Breach DIS016091825
Source: California Attorney General Report
Date Accessed: 2017-07-21
Incident : Data Breach DIS027091825
Source: California Office of the Attorney General
Date Accessed: 2018-07-18
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2016-09-23, and Source: California Office of the Attorney GeneralDate Accessed: 2012-08-17, and Source: California Office of the Attorney GeneralDate Accessed: 2019-01-25, and Source: California Office of the Attorney GeneralDate Accessed: 2013-12-20, and Source: California Office of the Attorney GeneralDate Accessed: 2017-07-21, and Source: California Office of the Attorney GeneralDate Accessed: 2018-06-25, and Source: California Office of the Attorney GeneralDate Accessed: 2016-10-26, and Source: California Office of the Attorney GeneralDate Accessed: 2017-02-20, and Source: California Office of the Attorney GeneralDate Accessed: 2017-07-21, and Source: California Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2013-01-18, and Source: California Office of the Attorney GeneralDate Accessed: 2016-07-20, and Source: California Office of the Attorney GeneralDate Accessed: 2016-03-21, and Source: Maine Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2016-10-26, and Source: California Attorney GeneralDate Accessed: 2017-07-21, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2013-05-24, and Source: California Attorney GeneralDate Accessed: 2017-10-19, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney General, and Source: California Office of the Attorney GeneralDate Accessed: 2017-11-21, and Source: California Office of the Attorney GeneralDate Accessed: 2017-06-23, and Source: California Office of the Attorney GeneralDate Accessed: 2017-06-23, and Source: California Office of the Attorney GeneralDate Accessed: 2013-11-18, and Source: California Office of the Attorney GeneralDate Accessed: 2018-11-21, and Source: California Office of the Attorney GeneralDate Accessed: 2012-05-25, and Source: California Attorney General ReportDate Accessed: 2017-07-21, and Source: California Office of the Attorney GeneralDate Accessed: 2018-07-18.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach DIS023090625
Investigation Status: Limited details available; no evidence of unauthorized use reported
Incident : Data Breach DIS954091725
Investigation Status: No unauthorized access confirmed; breach details limited
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Advised Customers Of Potential Compromise, Notification letter sent to affected parties via the California Office of the Attorney General and Public disclosure via California Office of the Attorney General.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach DIS114072525
Customer Advisories: Advised customers of potential compromise
Incident : Data Breach DIS023090625
Customer Advisories: Notification letter sent (via California AG)
Incident : Data Breach DIS041090625
Customer Advisories: New cards with updated security codes and expiration dates were issued to affected customers
Incident : Data Breach DIS1008091725
Customer Advisories: New cards issued to affected individuals
Incident : Data Breach DIS546091725
Customer Advisories: Customers issued new cards
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Advised Customers Of Potential Compromise, , Notification letter sent (via California AG), New Cards With Updated Security Codes And Expiration Dates Were Issued To Affected Customers, , New Cards Issued To Affected Individuals, and Customers issued new cards.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2015-10-27.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2018-07-18.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Discover card account information, , Account Information, , Discover card account information, , Account Information, Discover card account information, , Discover card account information, , Discover card account information, , Discover card account information, Discover card account information, , Discover card account information, Discover card account information, Discover card account information, , Discover card account information, , Discover card account information, Discover card account information, , Discover card account information, , card account information, , Discover card account information, Discover card account information, , Discover card account information, , Discover card account information, Account information (unspecified), Account information for two cards, Discover card account information, , , , Account information (potentially), Discover card account information, , Card account information, , Discover card account information, , Discover card account information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Card account information, card account information, Account information (unspecified), Discover card account information, Account Information, Account information for two cards and Account information (potentially).
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 694.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are California Attorney General Report, Maine Office of the Attorney General, California Attorney General and California Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Limited details available; no evidence of unauthorized use reported.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Advised customers of potential compromise, Notification letter sent (via California AG), New cards with updated security codes and expiration dates were issued to affected customers, New cards issued to affected individuals and Customers issued new cards.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=discover-financial-services' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
