Federal Ministry of the Interior
Last Update: 2025-12-12
Between 800 and 849
Location Berlin
NAICS: 92
NAICS Definition: Public Administration
Employees: 306
Subsidiaries: 0
12-month incidents
1
Known data breaches
0
Attack type number
1
Comparison Overview
Federal Ministry of the Interior
VS
Belastingdienst
Belastingdienst
Last Update: 2025-12-09
Between 750 and 799
De organisatie bestaat uit diverse onderdelen, waaronder de Belastingdienst, Douane, Toeslagen, FIOD en enkele facilitaire organisaties. Met ruim 30.000 medewerkers werken we in kantoren die verspreid zijn over het hele land. Gezamenlijk heffen, innen en controleren we belastingen. Daarnaast zorgen we ook voor het uitbetalen van toeslagen. En zijn we verantwoordelijk voor douanetaken en het opsporen van fraude. De Belastingdienst is een organisatie die 24 uur per dag, 7 dagen per week in dienst staat van de samenleving. Waar jaarlijks miljoenen aangiften worden behandeld, en waar voor honderden miljoenen aan toeslagen worden uitbetaald. En waar de Douane dagelijks zorgt voor de vlotte en veilige in- en uitvoer van tonnen goederen. Ondanks deze grote aantallen streven wij waar mogelijk naar individuele en persoonlijke dienstverlening. En in de vorm van bijvoorbeeld convenanten en partnerships werken wij ook zo goed mogelijk samen met het bedrijfsleven en andere ketenpartners. De Belastingdienst: grootschalig, veelzijdig en altijd maatschappelijk relevant.
NAICS: 92
NAICS Definition: Public Administration
Employees: 18,029
Subsidiaries: 2
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Federal Ministry of the Interior
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Belastingdienst
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Federal Ministry of the Interior
100%
Compliance Rate
0/4 Standards Verified
Belastingdienst
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Government Administration Industry Average (This Year)
Federal Ministry of the Interior has 23.46% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Belastingdienst in 2025.
Incident History — Federal Ministry of the Interior (X = Date, Y = Severity)
Federal Ministry of the Interior cyber incidents detection timeline including parent company and subsidiaries
Incident History — Belastingdienst (X = Date, Y = Severity)
Belastingdienst cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Federal Ministry of the Interior
Incidents
Belastingdienst
Incidents
No Incident
FAQ
Federal Ministry of the Interior company demonstrates a stronger AI Cybersecurity Score compared to Belastingdienst company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Federal Ministry of the Interior company has historically faced a number of disclosed cyber incidents, whereas Belastingdienst company has not reported any.
In the current year, Federal Ministry of the Interior company has reported more cyber incidents than Belastingdienst company.
Neither Belastingdienst company nor Federal Ministry of the Interior company has reported experiencing a ransomware attack publicly.
Neither Belastingdienst company nor Federal Ministry of the Interior company has reported experiencing a data breach publicly.
Federal Ministry of the Interior company has reported targeted cyberattacks, while Belastingdienst company has not reported such incidents publicly.
Neither Federal Ministry of the Interior company nor Belastingdienst company has reported experiencing or disclosing vulnerabilities publicly.
Neither Federal Ministry of the Interior nor Belastingdienst holds any compliance certifications.
Neither company holds any compliance certifications.
Belastingdienst company has more subsidiaries worldwide compared to Federal Ministry of the Interior company.
Belastingdienst company employs more people globally than Federal Ministry of the Interior company, reflecting its scale as a Government Administration.
Neither Federal Ministry of the Interior nor Belastingdienst holds SOC 2 Type 1 certification.
Neither Federal Ministry of the Interior nor Belastingdienst holds SOC 2 Type 2 certification.
Neither Federal Ministry of the Interior nor Belastingdienst holds ISO 27001 certification.
Neither Federal Ministry of the Interior nor Belastingdienst holds PCI DSS certification.
Neither Federal Ministry of the Interior nor Belastingdienst holds HIPAA certification.
Neither Federal Ministry of the Interior nor Belastingdienst holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json() includes user input in the error message, which gets reflected in responses. User input (including HTML/JavaScript) can be exposed in error responses, creating an XSS risk if Content-Type isn't strictly enforced. This issue does not have a fix at the time of publication.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups (/api/prompts/groups/:groupId). However, the request bodies are not sufficiently validated for proper input, enabling users to modify prompts in a way that was not intended as part of the front end system. The patchPromptGroup function passes req.body directly to updatePromptGroup() without filtering sensitive fields. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
