EHSL
Company Details
Linkedin ID:
eskom
Website:
Employees number:
41,778
Number of followers:
561,602
NAICS:
22
Industry Type:
Homepage:
eskom.co.za
IP Addresses:
0
Company ID:
ESK_6298407
Scan Status:
In-progress
Eskom Holdings SOC Ltd Company CyberSecurity Posture
eskom.co.za
Company profile Eskom Holdings generates, transports and distributes approximately 95% of South Africa’s electricity – making up 60% of the total electricity consumed on the African continent. Eskom is the world’s eleventh-largest power utility in terms of generating capacity, ranks ninth in terms of sales, and boasts the world's largest dry-cooling power station. Eskom Holdings’ Enterprises Division designs, builds and refurbishes Eskom’s assets, and acts as a catalyst for project development for the group. Eskom Enterprises’ main focus is to support Eskom Holdings and be the custodian of non-regulated businesses and offer strategic and commercial lifecycle services to the line divisions.
Eskom Holdings SOC Ltd A.I CyberSecurity Scoring
EHSL Risk Score (AI oriented)Between 750 and 799
EHSL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EHSL Global Score (TPRM)XXXX
EHSL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EHSL Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Eskom Holdings SOC Ltd
Cyber Attack
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Eskom, power utility organisation had security incident at its data center. The working of the systems were affected. The system worked slower than usual. Eskom had stage four load-shedding and increased power cuts.
EHSL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EHSL
Incidents vs Utilities Industry Average (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2025.
Incident Types EHSL vs Utilities Industry Avg (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2025.
Incident History — EHSL (X = Date, Y = Severity)
EHSL cyber incidents detection timeline including parent company and subsidiaries
EHSL Company Subsidiaries
Company profile Eskom Holdings generates, transports and distributes approximately 95% of South Africa’s electricity – making up 60% of the total electricity consumed on the African continent. Eskom is the world’s eleventh-largest power utility in terms of generating capacity, ranks ninth in terms of sales, and boasts the world's largest dry-cooling power station. Eskom Holdings’ Enterprises Division designs, builds and refurbishes Eskom’s assets, and acts as a catalyst for project development for the group. Eskom Enterprises’ main focus is to support Eskom Holdings and be the custodian of non-regulated businesses and offer strategic and commercial lifecycle services to the line divisions.
Loading...
EHSL Similar Companies
Framatome is an international leader in nuclear energy recognized for its innovative, digital and value added solutions for the global nuclear fleet. With worldwide expertise and a proven track record for reliability and performance, the company designs, services and installs components, fuel, and i
PT PLN (Persero)
Indonesia State Electricity Corporation PLN has a long history in electricity industry of Indonesia. As the sole provider of electricity in Indonesia, PLN is striving to increase quality of services to all Indonesian. In 1972, in accordance with Government Regulation No.17, the State-owned Electric
WBSEDCL
The Government of West Bengal has restructured the erstwhile WBSEB into two successor entities, namely West Bengal State Electricity Distribution Company Limited (WBSEDCL) and West Bengal State Electricity Transmission Company Limited (WBSETCL), under the ownership of the State Government. The two C
Exelon
Exelon Corporation (Nasdaq: EXC) is the nation’s largest utility company, serving more than 10 million customers through six fully regulated utilities. We believe that reliable and affordable energy is essential to a brighter, more sustainable future. We are a FORTUNE 250 company operating across
Joint stock company "Elektroprivreda Srbije"
Joint stock company Elektroprivreda Srbije as the largest company in Serbia represents economic and energy backbone of the country. The main activities of EPS AD are the production, supply and trade of electricity. EPS is owner a the coal mines, thermopower plant and hydropower plant. EPS supplies e
We are a multinational company changing the face of energy, one of the world’s leading integrated utilities. As the largest private player in producing clean energy with renewable sources we have more than 88 GW of total capacity, including around 64 GW of renewables. Distributing electricity t
Pacific Gas and Electric Company
Pacific Gas and Electric Company, incorporated in California in 1905, is one of the largest combination natural gas and electric utilities in the United States. Based in San Francisco, the company is a subsidiary of PG&E Corporation. There are approximately 20,000 employees who carry out Pacific
Dominion Energy
Dominion Energy (NYSE: D), headquartered in Richmond, Va., provides regulated electricity service to 3.6 million homes and businesses in Virginia, North Carolina, and South Carolina, and regulated natural gas service to 500,000 customers in South Carolina. The company is one of the nation’s leading
The Saudi Electricity Company was established on the 5th of April in the year 2000, incorporated in accordance with Council of Ministers Mandate No. 169 dated November 30th, 1998, the Saudi Electricity Company was born out of the merger of smaller regional power company in the central, eastern, west
.png)
EHSL CyberSecurity News
November 25, 2025 08:00 AM
Africa Tech Festival Awards 2025 honour Africa’s trailblazers in technology and innovation
The Africa Tech Festival Awards 2025 (https://AfricaTechFestival.com/), held on Wednesday, 12 November 2025 in Cape Town, brought together...
April 07, 2025 07:00 AM
Hardware vulnerabilities in Hitachi Energy, ABB, B&R ICS devices pose critical infrastructure threat
Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released five ICS (industrial control systems) advisories...
March 12, 2025 07:00 AM
South Africa reduces Eskom debt relief package by a further $1.1 billion
South Africa said on Wednesday that it would reduce its debt relief package for state power utility Eskom by a further 20 billion rand ($1.1...
March 04, 2025 08:00 AM
Explore South Africa’s Digital Future at the 35th Digital Transformation Summit
The 35th Edition of the Digital Transformation Summit takes place on 12 March 2025, from 9 AM-5 PM at Qurtuba Convention Centre.
December 19, 2024 08:00 AM
South Africa’s Eskom faces ‘existential problem’ as local councils fail to pay their bills
South Africa's government has warned that power utility Eskom is facing an “existential crisis” after the amount of unpaid bills owed by local municipalities...
December 19, 2024 08:00 AM
Eskom posts a R25.5 billion loss
The power utility yielding a profit of more than R10 billion in the 2024-25 financial year. This comes after a tumultuous 2023-24 year marred by 329 days of...
November 19, 2024 08:00 AM
ATF 2024: Tech innovators honored, record attendance
Africa Tech Festival 2024 concluded last week, drawing a record-breaking crowd, while the tech innovators were highlighted via the annual...
November 15, 2024 08:00 AM
Africa Tech Festival Innovation & Excellence Awards Highlights
Africa Tech Festival Innovation & Excellence Awards Highlights - IT News Africa | Business Technology, Telecoms and Startup News.
November 14, 2024 08:00 AM
Winners of the 2024 Africa Tech Festival Innovation and Excellence Awards Announced
The Africa Tech Festival Awards 2024 (https://apo-opa.co/3Z5WzfV) took place last night, 13 November 2024 at the stunning Bay Hotel in Camps...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EHSL CyberSecurity History Information
Official Website of Eskom Holdings SOC Ltd
The official website of Eskom Holdings SOC Ltd is http://www.eskom.co.za.
Eskom Holdings SOC Ltd’s AI-Generated Cybersecurity Score
According to Rankiteo, Eskom Holdings SOC Ltd’s AI-generated cybersecurity score is 796, reflecting their Fair security posture.
How many security badges does Eskom Holdings SOC Ltd’ have ?
According to Rankiteo, Eskom Holdings SOC Ltd currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Eskom Holdings SOC Ltd have SOC 2 Type 1 certification ?
According to Rankiteo, Eskom Holdings SOC Ltd is not certified under SOC 2 Type 1.
Does Eskom Holdings SOC Ltd have SOC 2 Type 2 certification ?
According to Rankiteo, Eskom Holdings SOC Ltd does not hold a SOC 2 Type 2 certification.
Does Eskom Holdings SOC Ltd comply with GDPR ?
According to Rankiteo, Eskom Holdings SOC Ltd is not listed as GDPR compliant.
Does Eskom Holdings SOC Ltd have PCI DSS certification ?
According to Rankiteo, Eskom Holdings SOC Ltd does not currently maintain PCI DSS compliance.
Does Eskom Holdings SOC Ltd comply with HIPAA ?
According to Rankiteo, Eskom Holdings SOC Ltd is not compliant with HIPAA regulations.
Does Eskom Holdings SOC Ltd have ISO 27001 certification ?
According to Rankiteo,Eskom Holdings SOC Ltd is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd operates primarily in the Utilities industry.
Number of Employees at Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd employs approximately 41,778 people worldwide.
Subsidiaries Owned by Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd presently has no subsidiaries across any sectors.
Eskom Holdings SOC Ltd’s LinkedIn Followers
Eskom Holdings SOC Ltd’s official LinkedIn profile has approximately 561,602 followers.
NAICS Classification of Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd is classified under the NAICS code 22, which corresponds to Utilities.
Eskom Holdings SOC Ltd’s Presence on Crunchbase
No, Eskom Holdings SOC Ltd does not have a profile on Crunchbase.
Eskom Holdings SOC Ltd’s Presence on LinkedIn
Yes, Eskom Holdings SOC Ltd maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/eskom.
Cybersecurity Incidents Involving Eskom Holdings SOC Ltd
As of December 10, 2025, Rankiteo reports that Eskom Holdings SOC Ltd has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Eskom Holdings SOC Ltd has an estimated 4,176 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Eskom Holdings SOC Ltd ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Eskom Data Center Security Incident
Description: Eskom, a power utility organisation, experienced a security incident at its data center. The working of the systems was affected, and they operated slower than usual. This led to stage four load-shedding and increased power cuts.
Type: Security Incident
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Security Incident ESK238221222
Systems Affected: Data Center
Operational Impact: Slower system performanceStage four load-sheddingIncreased power cuts
Which entities were affected by each incident ?
Incident : Security Incident ESK238221222
Entity Name: Eskom
Entity Type: Power Utility
Industry: Energy
Additional Questions
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Data Center.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Tuleap is a free and open source suite for management of software development and collaboration. Versions of Tuleap Community Edition prior to 17.0.99.1763126988 and Tuleap Enterprise Edition prior to 17.0-3 and 16.13-8 have missing CSRF protections which allow attackers to create or remove tracker triggers. This issue is fixed in Tuleap Community Edition version 17.0.99.1763126988 and Tuleap Enterprise Edition versions 17.0-3 and 16.13-8.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://github.com/Enalean/tuleap/security/advisories/GHSA-f2xv-x3g6-4j9p
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=71d427b0f7ed8fa269a5ee6f7a557cf3dfc99cd4
- https://tuleap.net/plugins/tracker/?aid=45618
Description
Tuleap is a free and open source suite for management of software development and collaboration. Tuleap Community Editon versions prior to 17.0.99.1762456922 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 are vulnerable to CSRF attacks through planning management API. Attackers have access to create, edit or remove plans. This issue is fixed in Tuleap Community Edition version 17.0.99.1762456922 and Tuleap Enterprise Edtion versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://github.com/Enalean/tuleap/security/advisories/GHSA-9h47-jg7r-ww7x
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=1734a7bb2964042310ddc3f6dd7b4c82eee27526
- https://tuleap.net/plugins/tracker/?aid=45592
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Tuleap Community Edition versions below 17.0.99.1762444754 and Tuleap Enterprise Edition versions prior to 17.0-2, 16.13-7 and 16.12-10 allow attackers trick victims into changing tracker general settings. This issue is fixed in version Tuleap Community Edition version 17.0.99.1762444754 and Tuleap Enterprise Edition versions 17.0-2, 16.13-7 and 16.12-10.
Risk Information
cvss3
Base: 4.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
References
- https://github.com/Enalean/tuleap/commit/993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://github.com/Enalean/tuleap/security/advisories/GHSA-vxfh-h8p6-p5rg
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=993316dd6a291bb3937cb7a4571eaab0e7d55370
- https://tuleap.net/plugins/tracker/?aid=45593
Description
Tuleap is an Open Source Suite for management of software development and collaboration. Versions below 17.0.99.1762431347 of Tuleap Community Edition and Tuleap Enterprise Edition below 17.0-2, 16.13-7 and 16.12-10 allow attackers to access file release system information in projects they do not have access to. This issue is fixed in version 17.0.99.1762431347 of the Tuleap Community Edition and versions 17.0-2, 16.13-7 and 16.12-10 of Tuleap Enterprise Edition.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
- https://github.com/Enalean/tuleap/commit/403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://github.com/Enalean/tuleap/security/advisories/GHSA-v6vm-6rxf-7p2v
- https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=403eb69f4cfafe52254c8f9bdbe66e1fedadc254
- https://tuleap.net/plugins/tracker/?aid=45583
Description
IBM watsonx.data 2.2 through 2.2.1 could allow an authenticated user to cause a denial of service through ingestion pods due to improper allocation of resources without limits.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=eskom' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
