Entergy
Company Details
Linkedin ID:
entergy
Website:
Employees number:
12,016
Number of followers:
163,169
NAICS:
22
Industry Type:
Homepage:
entergy.com
IP Addresses:
0
Company ID:
ENT_1174772
Scan Status:
In-progress
Entergy Company CyberSecurity Posture
entergy.com
At Entergy (NYSE: ETR), we power life. More than 100 years ago, our founder Harvey Couch started this company with a handshake, some sawdust and a vision. Couch wanted to bring safe, affordable, reliable energy to the Middle South – energy that would power the lives of people and communities. Today, we own and operate one of the cleanest large-scale U.S. power generating fleets including more than five gigawatts of carbon-free nuclear capacity, a fleet of highly efficient gas resources, and a fast-growing portfolio of renewable resources. The nearly 12,000 men and women of Entergy deliver electricity and gas services to 3 million utility customers in Arkansas, Louisiana, Mississippi and Texas, generating annual GAAP revenues of $13.8 billion. Headquartered in New Orleans, we continue to play a driving role in the economic growth of the Gulf South. Our work matters. That’s been true for more than 100 years. And as we look to the next century, we remember the constant that bridges our past and future: We Power Life. Fast Facts: Entergy currently has a 90% rating on the 2022 Corporate Equality Index released by the Human Rights Campaign Foundation. This score places Entergy among the top energy and utility companies in the survey. With roots in the Gulf South region for more than a century, Entergy is a recognized leader in corporate citizenship, delivering more than $100 million in economic benefits to local communities through philanthropy and advocacy efforts annually over the last several years. With a total of 44 awards from EEI for its restoration and mutual-assistance work, Entergy remains the only utility company to have won either EEI's Recovery or Assistance Award, or both, every year since the awards began in 1998.
Entergy A.I CyberSecurity Scoring
Entergy Risk Score (AI oriented)Between 800 and 849
Entergy
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Entergy Global Score (TPRM)XXXX
Entergy
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Entergy Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Entergy
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: TALX is working with Entergy to notify former and current Entergy employees whose 2016 W-2 data have been acquired by criminals from the TALX portal. An unauthorized third party gained access to the accounts. It was done primarily by successfully answering personal questions about the affected employees in order to reset the employees’ PINS. It gave unauthorized access to certain Entergy employees’ online portal accounts and electronic W-2 tax forms for the tax year 2016 or earlier. TALX has arranged for two years of complimentary restoration and assistance help for affected Entergy employees.
Entergy Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Entergy
Incidents vs Utilities Industry Average (This Year)
No incidents recorded for Entergy in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Entergy in 2026.
Incident Types Entergy vs Utilities Industry Avg (This Year)
No incidents recorded for Entergy in 2026.
Incident History — Entergy (X = Date, Y = Severity)
Entergy cyber incidents detection timeline including parent company and subsidiaries
Entergy Company Subsidiaries
At Entergy (NYSE: ETR), we power life. More than 100 years ago, our founder Harvey Couch started this company with a handshake, some sawdust and a vision. Couch wanted to bring safe, affordable, reliable energy to the Middle South – energy that would power the lives of people and communities. Today, we own and operate one of the cleanest large-scale U.S. power generating fleets including more than five gigawatts of carbon-free nuclear capacity, a fleet of highly efficient gas resources, and a fast-growing portfolio of renewable resources. The nearly 12,000 men and women of Entergy deliver electricity and gas services to 3 million utility customers in Arkansas, Louisiana, Mississippi and Texas, generating annual GAAP revenues of $13.8 billion. Headquartered in New Orleans, we continue to play a driving role in the economic growth of the Gulf South. Our work matters. That’s been true for more than 100 years. And as we look to the next century, we remember the constant that bridges our past and future: We Power Life. Fast Facts: Entergy currently has a 90% rating on the 2022 Corporate Equality Index released by the Human Rights Campaign Foundation. This score places Entergy among the top energy and utility companies in the survey. With roots in the Gulf South region for more than a century, Entergy is a recognized leader in corporate citizenship, delivering more than $100 million in economic benefits to local communities through philanthropy and advocacy efforts annually over the last several years. With a total of 44 awards from EEI for its restoration and mutual-assistance work, Entergy remains the only utility company to have won either EEI's Recovery or Assistance Award, or both, every year since the awards began in 1998.
Loading...
Entergy Similar Companies
Pacific Gas and Electric Company, incorporated in California in 1905, is one of the largest combination natural gas and electric utilities in the United States. Based in San Francisco, the company is a subsidiary of PG&E Corporation. There are approximately 20,000 employees who carry out Pacific
Duke Energy, a Fortune 150 company headquartered in Charlotte, N.C., is one of America’s largest energy holding companies. The company’s electric utilities serve 8.4 million customers in North Carolina, South Carolina, Florida, Indiana, Ohio and Kentucky, and collectively own 54,800 megawatts of ene
National Grid lies at the heart of a transforming energy system. Our business areas play a vital role in connecting millions of people to the energy they use, while continually seeking ways to make the energy system clean, fair, and affordable. In the UK we own and develop the high-voltage electri
NTPC Limited is India’s largest power generation utility with roots planted way back in 1975 to accelerate power development in India. Since then it has established itself as the dominant power major with a presence in the entire value chain of the power generation business. From fossil fuels, it ha
Dominion Energy (NYSE: D), headquartered in Richmond, Va., provides regulated electricity service to 3.6 million homes and businesses in Virginia, North Carolina, and South Carolina, and regulated natural gas service to 500,000 customers in South Carolina. The company is one of the nation’s leading
ACCIONA champions a different way of doing business: Business as Unusual, delivering benefits far beyond the corporate realm. Driven by the ambition to leave a positive legacy for society and design a better planet, we lead in developing solutions in renewable energy, sustainable water management,
Centrica is an international energy services and solutions company, founded on a 200-year heritage of serving customers in homes and businesses. We supply energy and services to over 10 million customers, mainly in the UK and Ireland, through brands such as British Gas, Bord Gáis Energy and Centri
American Electric Power
Our team at American Electric Power is committed to improving our customers' lives with reliable, affordable power. We are investing $54 billion from 2025 through 2029 to enhance service for customers and support the growing energy needs of our communities. Our nearly 16,000 employees operate and ma
Hitachi Energy
Hitachi Energy is a global technology leader in electrification, powering a sustainable energy future with innovative power grid technologies with digital at the core. Over three billion people depend on our technologies to power their daily lives. With over a century in pioneering mission-critical
.png)
Entergy CyberSecurity News
December 11, 2025 08:00 AM
Grid-scale battery energy storage systems face heightened risk of cyberattack
Experts warn that state-linked threat groups are actively searching for ways to disrupt the industry amid growing power demand in the U.S..
December 07, 2025 08:00 AM
Cyber-Informed Engineering | Energy Security and Resilience Research | NLR
NLR advances cyber-informed engineering (CIE) in the interest of designing secure energy systems and in support of the U.S. Department of...
December 02, 2025 08:00 AM
Pallone Touts Importance of Bipartisan Cooperation and a Fully Staffed DOE at Energy Cybersecurity Hearing
Pallone Touts Importance of Bipartisan Cooperation and a Fully Staffed DOE at Energy Cybersecurity Hearing ... I'm pleased the Subcommittee is...
November 18, 2025 08:00 AM
Securing the Energy Sector: Advancing Critical Infrastructure Protection in an Era of Converging Threats
The convergence of IT and OT settings has opened up a new risk frontier, as older industrial systems that were never meant for connection...
November 11, 2025 08:00 AM
SECI Invites Bids For Development Of Renewable Energy Cybersecurity Compliance Portal (RECAP)
SECI Invites Bids For Development Of Renewable Energy Cybersecurity Compliance Portal (RECAP) ... The Solar Energy Corporation of India Limited (...
November 07, 2025 08:00 AM
Energy CyberLearn Program Expands to Train the Next Generation of Cybersecure Energy Leaders
The Office for Research and Innovation has launched the second year of the Energy CyberLearn Internship Program, preparing students for...
October 30, 2025 07:00 AM
EU holds "8th Cybersecurity Forum" on protecting Europe's critical energy grid
“The resilience of European energy grids depends on a shared commitment to implement current legislation and best practices in cybersecurity in...
October 27, 2025 06:41 AM
Smart Grid Cybersecurity Market Size, Forecast 2025-2034
The smart grid cybersecurity market size exceeded USD 7.5 billion in 2024 and is projected to grow at over 11.7% CAGR from 2025 to 2034, driven by the...
October 17, 2025 07:00 AM
Securing the Energy Frontier: Cybersecurity Roundtable
“Securing the Oil & Gas Frontier,” a Cybersecurity Roundtable hosted by Kaspersky and Oil & Gas Middle East, unites senior executives and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Entergy CyberSecurity History Information
Official Website of Entergy
The official website of Entergy is https://www.entergy.com.
Entergy’s AI-Generated Cybersecurity Score
According to Rankiteo, Entergy’s AI-generated cybersecurity score is 806, reflecting their Good security posture.
How many security badges does Entergy’ have ?
According to Rankiteo, Entergy currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Entergy been affected by any supply chain cyber incidents ?
According to Rankiteo, Entergy has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Entergy have SOC 2 Type 1 certification ?
According to Rankiteo, Entergy is not certified under SOC 2 Type 1.
Does Entergy have SOC 2 Type 2 certification ?
According to Rankiteo, Entergy does not hold a SOC 2 Type 2 certification.
Does Entergy comply with GDPR ?
According to Rankiteo, Entergy is not listed as GDPR compliant.
Does Entergy have PCI DSS certification ?
According to Rankiteo, Entergy does not currently maintain PCI DSS compliance.
Does Entergy comply with HIPAA ?
According to Rankiteo, Entergy is not compliant with HIPAA regulations.
Does Entergy have ISO 27001 certification ?
According to Rankiteo,Entergy is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Entergy
Entergy operates primarily in the Utilities industry.
Number of Employees at Entergy
Entergy employs approximately 12,016 people worldwide.
Subsidiaries Owned by Entergy
Entergy presently has no subsidiaries across any sectors.
Entergy’s LinkedIn Followers
Entergy’s official LinkedIn profile has approximately 163,169 followers.
NAICS Classification of Entergy
Entergy is classified under the NAICS code 22, which corresponds to Utilities.
Entergy’s Presence on Crunchbase
Yes, Entergy has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/entergy-corporation.
Entergy’s Presence on LinkedIn
Yes, Entergy maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/entergy.
Cybersecurity Incidents Involving Entergy
As of January 25, 2026, Rankiteo reports that Entergy has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Entergy has an estimated 4,236 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Entergy ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Entergy detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with talx, and remediation measures with two years of complimentary restoration and assistance help, and communication strategy with notification to affected employees..
Incident Details
Can you provide details on each incident ?
Title: TALX Data Breach Affecting Entergy Employees
Description: TALX is working with Entergy to notify former and current Entergy employees whose 2016 W-2 data have been acquired by criminals from the TALX portal. An unauthorized third party gained access to the accounts primarily by successfully answering personal questions about the affected employees in order to reset the employees’ PINS. It gave unauthorized access to certain Entergy employees’ online portal accounts and electronic W-2 tax forms for the tax year 2016 or earlier. TALX has arranged for two years of complimentary restoration and assistance help for affected Entergy employees.
Type: Data Breach
Attack Vector: Account Compromise
Vulnerability Exploited: Weak PIN reset security questions
Threat Actor: Unauthorized third party
Motivation: Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through PIN reset security questions.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach ENT18198622
Data Compromised: Employee w-2 data
Systems Affected: TALX portal
Identity Theft Risk: ['High']
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are W-2 Tax Forms and .
Which entities were affected by each incident ?
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach ENT18198622
Third Party Assistance: Talx.
Remediation Measures: Two years of complimentary restoration and assistance help
Communication Strategy: Notification to affected employees
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through TALX, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach ENT18198622
Type of Data Compromised: W-2 tax forms
Sensitivity of Data: High
Data Exfiltration: Yes
File Types Exposed: W-2 forms
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Two years of complimentary restoration and assistance help, .
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notification To Affected Employees.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach ENT18198622
Entry Point: PIN reset security questions
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach ENT18198622
Root Causes: Weak PIN reset security questions
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Talx, .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized third party.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Employee W-2 data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was TALX portal.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was talx, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Employee W-2 data.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an PIN reset security questions.
.png)
Latest Global CVEs (Not Company-Specific)
Description
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction() function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global map engine settings.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Description
The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. NOTE: Successful exploitation of this vulnerability requires that the PDFCrowd API key is blank (also known as "demo mode", which is the default configuration when the plugin is installed) or known.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2. This makes it possible for authenticated attackers, with a lower-privileged role (e.g., Subscriber-level access and above), to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires an admin to grant Hustle module permissions (or module edit access) to the low-privileged user so they can access the Hustle admin page and obtain the required nonce.
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user roles.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Description
The Meta-box GalleryMeta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Risk Information
cvss3
Base: 4.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/gallerymetaboxes.php#L119
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/gallerymetaboxes.php#L314
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/templates/single-mb_gallery.php#L31
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/templates/single-mb_gallery.php#L33
- https://www.wordfence.com/threat-intel/vulnerabilities/id/bb9ae252-7e5f-4dc0-a162-100493b81980?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=entergy' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
