ExxonMobil
Company Details
Linkedin ID:
exxonmobil
Website:
Employees number:
66,908
Number of followers:
3,639,738
NAICS:
211
Industry Type:
Homepage:
exxonmobil.com
IP Addresses:
294
Company ID:
EXX_1090820
Scan Status:
Completed
ExxonMobil Company CyberSecurity Posture
exxonmobil.com
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions from our operated assets by 2050 (for Scope 1 and 2 greenhouse gas emissions) and are taking a comprehensive approach to create emission-reduction roadmaps for major operated assets. Find us also on: YouTube.com/ExxonMobil Find our latest Privacy Policy at https://corporate.exxonmobil.com/Global-legal-pages/privacy-policy See our terms and conditions at https://corporate.exxonmobil.com/global-legal-pages/terms-and-conditions Find resources on our GHG emission reduction efforts here: https://corporate.exxonmobil.com/resources
ExxonMobil A.I CyberSecurity Scoring
ExxonMobil Risk Score (AI oriented)Between 800 and 849
ExxonMobil
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
ExxonMobil Global Score (TPRM)XXXX
ExxonMobil
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
ExxonMobil Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Exxon
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Exxon faced a significant reputational and potential financial impact due to a hack-and-leak operation targeting climate change activists. The firm hired by Exxon, DCI Group, was investigated for its alleged role in the incident. The internal communications about litigation against Exxon were obtained and leaked to the media, causing disruption to the activists and exposing Exxon to legal and public relations challenges. This attack caused distress among the affected parties and raised questions about the lengths to which corporations might go to protect their interests amid environmental scrutiny.
ExxonMobil Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for ExxonMobil
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for ExxonMobil in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for ExxonMobil in 2026.
Incident Types ExxonMobil vs Oil and Gas Industry Avg (This Year)
No incidents recorded for ExxonMobil in 2026.
Incident History — ExxonMobil (X = Date, Y = Severity)
ExxonMobil cyber incidents detection timeline including parent company and subsidiaries
ExxonMobil Company Subsidiaries
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions from our operated assets by 2050 (for Scope 1 and 2 greenhouse gas emissions) and are taking a comprehensive approach to create emission-reduction roadmaps for major operated assets. Find us also on: YouTube.com/ExxonMobil Find our latest Privacy Policy at https://corporate.exxonmobil.com/Global-legal-pages/privacy-policy See our terms and conditions at https://corporate.exxonmobil.com/global-legal-pages/terms-and-conditions Find resources on our GHG emission reduction efforts here: https://corporate.exxonmobil.com/resources
Loading...
ExxonMobil Similar Companies
PDVSA Petróleos de Venezuela S.A.
Petróleos de Venezuela S.A. is a Venezuelan state company, began operations on January 1st, 1976 and whose activities are the oil exploration, production, refining, marketing and transportation of Venezuelan oil as well as the orimulsion, chemical, petrochemical businesses and coal. We have the lar
McDermott International, Ltd
McDermott is a premier provider of engineering and construction solutions to the energy industry. Our customers trust our technology-driven approach—engineered to responsibly harness and transform global energy resources into the products the world needs for now and what’s next. From concept to co
Marathon Petroleum Corporation (MPC) is a leading, integrated, downstream and midstream energy company headquartered in Findlay, Ohio. The company operates the nation's largest refining system. MPC's marketing system includes branded locations across the United States, including Marathon brand retai
TechnipFMC
TechnipFMC is a leading technology provider to the traditional and new energies industry, delivering fully integrated projects, products, and services. With our proprietary technologies and comprehensive solutions, we are transforming our clients’ project economics, helping them unlock new possibi
Ecopetrol
Ecopetrol (NYSE: EC) es la compañía más grande en Colombia y uno de los principales grupos de energía de Latinoamérica. Cuenta con más de 18.000 empleados y es responsable del 60% de la producción de hidrocarburos en Colombia. Es propietaria de las dos refinerías del Colombia y de la gran parte de l
Halliburton
We collaborate and engineer solutions to maximize asset value for our customers. Founded in 1919, Halliburton is one of the world's largest providers of products and services to the energy industry. With more than 45,000 employees, representing 130 nationalities in more than 80 countries, the compan
We are a global oil and gas company tasked with an important job—to safely find and deliver energy for the world. We’re experts in what we do—from the well site to the office. Across our operations and activities in 13 countries, we never forget our responsibility to be a great neighbor, and a gre
Tenaris
Tenaris is a leading supplier of tubes and related services for the world’s energy industry and certain other industrial applications. Our mission is to deliver value to our customers through product development, manufacturing excellence, and supply chain management. Tenaris employees around the wor
Nosso propósito é prover energia que assegure prosperidade de forma ética, justa, segura e competitiva. Queremos ser a melhor empresa diversificada e integrada de energia na geração de valor, construindo um mundo mais sustentável, conciliando o foco em óleo e gás com a diversificação em negócios de
.png)
ExxonMobil CyberSecurity News
December 15, 2025 08:00 AM
Should Investors Pay a Premium for ExxonMobil Stock Now?
Exxon Mobil Corporation XOM is currently considered expensive on a relative basis, with the stock trading at a 7.71x trailing 12-month...
December 10, 2025 08:00 AM
E&E News: Exxon to cut low-carbon spending by a third
ENERGYWIRE | Exxon Mobil announced plans Tuesday to lower spending on low-carbon investments by one-third, while projecting higher profits...
December 02, 2025 08:00 AM
2025 year-end supplier communication
Thank you for being a valued supplier of Exxon Mobil Corporation. We routinely conduct a thorough review of our business practices,...
November 21, 2025 08:00 AM
E&E News: Exxon lifts force majeure on its giant Mozambique LNG project
ENERGYWIRE | Exxon Mobil lifted a force majeure on its Rovuma liquefied natural gas project in Mozambique as security concerns subside,...
November 20, 2025 08:00 AM
Intel certifies ExxonMobil immersion cooling fluids for Xeon
Intel has certified ExxonMobil's immersion cooling fluids for use with its 4th and 5th-gen Xeon processors, offering warranty-backed support...
November 10, 2025 08:00 AM
E&E News: Exxon lawyer vows to crush climate lawsuits
CLIMATEWIRE | A top lawyer for Exxon Mobil says the company — named in more than two dozen lawsuits from local governments seeking...
October 27, 2025 07:00 AM
E&E News: Exxon sues California over climate disclosure laws
CLIMATEWIRE | Exxon Mobil is suing California over its first-in-the-nation climate disclosure laws, arguing the requirements seek to...
September 30, 2025 07:00 AM
ExxonMobil and Kinaxis: Creating a Next Gen Supply Chain Management Solution for Oil & Gas
ARC Analyst Larry O'Brien has recently published a report on ARC's Client Portal regarding the recent work between Kinaxis and Exxon to...
September 22, 2025 07:00 AM
ExxonMobil Adds Another Major Project To Its Guyana Oil Bonanza
ExxonMobil announced the achievement of a final investment decision to proceed with the Hammerhead project at its prolific Stabroek...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
ExxonMobil CyberSecurity History Information
Official Website of ExxonMobil
The official website of ExxonMobil is http://www.exxonmobil.com.
ExxonMobil’s AI-Generated Cybersecurity Score
According to Rankiteo, ExxonMobil’s AI-generated cybersecurity score is 824, reflecting their Good security posture.
How many security badges does ExxonMobil’ have ?
According to Rankiteo, ExxonMobil currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has ExxonMobil been affected by any supply chain cyber incidents ?
According to Rankiteo, ExxonMobil has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does ExxonMobil have SOC 2 Type 1 certification ?
According to Rankiteo, ExxonMobil is not certified under SOC 2 Type 1.
Does ExxonMobil have SOC 2 Type 2 certification ?
According to Rankiteo, ExxonMobil does not hold a SOC 2 Type 2 certification.
Does ExxonMobil comply with GDPR ?
According to Rankiteo, ExxonMobil is not listed as GDPR compliant.
Does ExxonMobil have PCI DSS certification ?
According to Rankiteo, ExxonMobil does not currently maintain PCI DSS compliance.
Does ExxonMobil comply with HIPAA ?
According to Rankiteo, ExxonMobil is not compliant with HIPAA regulations.
Does ExxonMobil have ISO 27001 certification ?
According to Rankiteo,ExxonMobil is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of ExxonMobil
ExxonMobil operates primarily in the Oil and Gas industry.
Number of Employees at ExxonMobil
ExxonMobil employs approximately 66,908 people worldwide.
Subsidiaries Owned by ExxonMobil
ExxonMobil presently has no subsidiaries across any sectors.
ExxonMobil’s LinkedIn Followers
ExxonMobil’s official LinkedIn profile has approximately 3,639,738 followers.
NAICS Classification of ExxonMobil
ExxonMobil is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
ExxonMobil’s Presence on Crunchbase
No, ExxonMobil does not have a profile on Crunchbase.
ExxonMobil’s Presence on LinkedIn
Yes, ExxonMobil maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/exxonmobil.
Cybersecurity Incidents Involving ExxonMobil
As of January 23, 2026, Rankiteo reports that ExxonMobil has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
ExxonMobil has an estimated 10,645 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at ExxonMobil ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Exxon Hack-and-Leak Operation Targeting Climate Change Activists
Description: Exxon faced a significant reputational and potential financial impact due to a hack-and-leak operation targeting climate change activists. The firm hired by Exxon, DCI Group, was investigated for its alleged role in the incident. The internal communications about litigation against Exxon were obtained and leaked to the media, causing disruption to the activists and exposing Exxon to legal and public relations challenges. This attack caused distress among the affected parties and raised questions about the lengths to which corporations might go to protect their interests amid environmental scrutiny.
Type: Hack-and-Leak Operation
Threat Actor: DCI Group
Motivation: To protect corporate interests amid environmental scrutiny
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Hack-and-Leak Operation EXX000120924
Data Compromised: Internal communications about litigation
Operational Impact: Disruption to climate change activists
Brand Reputation Impact: Significant reputational impact
Legal Liabilities: Exposed to legal and public relations challenges
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Internal Communications and .
Which entities were affected by each incident ?
Incident : Hack-and-Leak Operation EXX000120924
Entity Name: Exxon
Entity Type: Corporation
Industry: Energy
Data Breach Information
What type of data was compromised in each breach ?
Incident : Hack-and-Leak Operation EXX000120924
Type of Data Compromised: Internal communications
Data Exfiltration: Internal communications about litigation
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an DCI Group.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Internal communications about litigation and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Internal communications about litigation.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.
Risk Information
cvss3
Base: 9.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
Azure Entra ID Elevation of Privilege Vulnerability
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
Moonraker is a Python web server providing API access to Klipper 3D printing firmware. In versions 0.9.3 and below, instances configured with the "ldap" component enabled are vulnerable to LDAP search filter injection techniques via the login endpoint. The 401 error response message can be used to determine whether or not a search was successful, allowing for brute force methods to discover LDAP entries on the server such as user IDs and user attributes. This issue has been fixed in version 0.10.0.
Risk Information
cvss4
Base: 2.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell metacharacters into backup filenames. The BackupManager fails to sanitize the filenames of uploaded backups. The system persists user-uploaded files directly to the host filesystem using the raw originalname provided in the request. This allows an attacker to stage a file containing shell metacharacters (e.g., $(id).tar.gz) at a predictable path, which is later referenced during the restore process. The successful storage of the file is what allows the subsequent restore command to reference and execute it. This issue has been fixed in version 4.7.0.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=exxonmobil' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
