FTB
Company Details
Linkedin ID:
fifth-third-bank
Website:
Employees number:
24,367
Number of followers:
200,311
NAICS:
52
Industry Type:
Homepage:
53.com
IP Addresses:
283
Company ID:
FIF_3171297
Scan Status:
Completed
Fifth Third Bank Company CyberSecurity Posture
53.com
At Fifth Third Bank, everything we do is rooted in our purpose: to improve the lives of our customers and the well-being of our communities. Since our founding in 1858, we’ve been committed to creating a better financial experience by empowering our customers and clients to achieve what matters most. Our unified strength is grounded in the individual passion and diversity of more than 20,000 employees who work collaboratively to deliver a better tomorrow to everyone we serve. We offer a strong culture, opportunities for growth 401k match, wellness options, comprehensive insurance plans and additional resources you need to build a lasting and rewarding career path here. Headquartered in Cincinnati, Ohio, we are among the largest money managers in the Midwest. We operate four main businesses—Commercial Banking, Branch Banking, Consumer Lending, and Wealth & Asset Management—and a network of financial centers in Ohio, Kentucky, Indiana, Michigan, Illinois, Florida, Tennessee, West Virginia, Georgia, North Carolina and South Carolina. Consumers also have access to approximately 54,000 Fifth Third fee-free ATMs across the United States. Fifth Third Bancorp is a diversified financial services company and is the indirect parent company of Fifth Third Bank, National Association, a federally chartered institution. Explore Fifth Third career opportunities at: https://www.53.com/content/fifth-third/en/careers.html Fifth Third Bank, N.A., Member FDIC. Fifth Third Bank is proud to be an affirmative action/equal opportunity employer. M/F/D/V
Fifth Third Bank A.I CyberSecurity Scoring
FTB Risk Score (AI oriented)Between 750 and 799
FTB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
FTB Global Score (TPRM)XXXX
FTB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
FTB Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Fifth Third Bank
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Fifth Third Bank fell for a data breach by some of the former employees of the bank. It warned some customers about their personal information being misused by former bank employees. The information included name, Social Security number, driver's license information, mother's maiden name, address, phone number, date of birth, and account numbers. Bank employees involved in wrongdoing were fired.
FTB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for FTB
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Fifth Third Bank in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Fifth Third Bank in 2025.
Incident Types FTB vs Financial Services Industry Avg (This Year)
No incidents recorded for Fifth Third Bank in 2025.
Incident History — FTB (X = Date, Y = Severity)
FTB cyber incidents detection timeline including parent company and subsidiaries
FTB Company Subsidiaries
At Fifth Third Bank, everything we do is rooted in our purpose: to improve the lives of our customers and the well-being of our communities. Since our founding in 1858, we’ve been committed to creating a better financial experience by empowering our customers and clients to achieve what matters most. Our unified strength is grounded in the individual passion and diversity of more than 20,000 employees who work collaboratively to deliver a better tomorrow to everyone we serve. We offer a strong culture, opportunities for growth 401k match, wellness options, comprehensive insurance plans and additional resources you need to build a lasting and rewarding career path here. Headquartered in Cincinnati, Ohio, we are among the largest money managers in the Midwest. We operate four main businesses—Commercial Banking, Branch Banking, Consumer Lending, and Wealth & Asset Management—and a network of financial centers in Ohio, Kentucky, Indiana, Michigan, Illinois, Florida, Tennessee, West Virginia, Georgia, North Carolina and South Carolina. Consumers also have access to approximately 54,000 Fifth Third fee-free ATMs across the United States. Fifth Third Bancorp is a diversified financial services company and is the indirect parent company of Fifth Third Bank, National Association, a federally chartered institution. Explore Fifth Third career opportunities at: https://www.53.com/content/fifth-third/en/careers.html Fifth Third Bank, N.A., Member FDIC. Fifth Third Bank is proud to be an affirmative action/equal opportunity employer. M/F/D/V
Loading...
FTB Similar Companies
BlackRock is a global asset manager and technology provider dedicated to helping more and more people experience financial well-being. We help millions of people invest to build savings that serve them throughout their lives. We always start with our clients’ needs and look to offer them more qua
Barclays
Barclays is a British universal bank. Our vision is to be the UK-centred leader in global finance. We are a diversified bank with comprehensive UK consumer, corporate and wealth and private banking franchises, a leading investment bank and a strong, specialist US consumer bank. Through these five di
Bloomberg
Bloomberg is a global leader in business and financial information, delivering trusted data, news, and insights that bring transparency, efficiency, and fairness to markets. The company helps connect influential communities across the global financial ecosystem via reliable technology solutions that
Otkritie
OTKRITIE Financial Corporation is one of the most dynamic and fastest growing investment banks in Russia. The company has been operating on the stock market as a broker, asset manager, financial advisor and investment bank since 1995. OTKRITIE FC has become a trusted partner for many Russian and int
Barclays Investment Bank
Barclays Investment Bank deploys financial solutions to help our clients with their funding, financing, strategic and risk management needs across sectors, markets and economies. The Investment Bank is comprised of the Investment Banking, International Corporate Banking, Global Markets and Researc
New York Life Insurance Company
For over 175 years, we've been helping people put love into action. As a mutual company we hold ourselves to the highest standards of transparency, objectivity, and integrity. We’re committed to improving local communities through a culture of giving and volunteerism, supported by our own New York L
KPMG US
KPMG is one of the world’s leading professional services firms and the fastest growing Big Four accounting firm in the United States. With 75+ offices and more than 40,000 employees and partners throughout the US, we’re leading the industry in new and exciting ways. Our size and strength make us muc
LOLC Holdings PLC
A formidable global conglomerate, LOLC Holdings has strategically diversified into key economic growth sectors across financial services, leisure, agriculture and plantations, construction and real estate, manufacturing and trading, technology, research and innovation and strategic investments. The
Morgan Stanley
Morgan Stanley (NYSE: MS) is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in 42 countries, our firm's employees serve clients worldwide including corporations, governments, instit
.png)
FTB CyberSecurity News
November 14, 2025 11:00 AM
Delta Air Lines CISO Debbie Wheeler receives GeorgiaCISO ORBIE Leadership Award
Debbie Wheeler, the global chief information security officer at Delta Air Lines, entered the field of cybersecurity almost by accident.
October 17, 2025 07:00 AM
Leaders Shift Into Overdrive at CDO Magazine’s Global Cybersecurity Summit
The 4th annual CDO Magazine Global Cybersecurity Leadership Summit rallied 150+ attendees and 35+ speakers at The Westin Cincinnati on...
October 17, 2025 07:00 AM
Fifth Third's earnings fall in line amid credit hits and M&A; Truist beats estimates, maintains 2025 guidance
October 17, 2025 07:00 AM
Fifth Third profit jumps on fee income, records $178 million loss from Tricolor bankruptcy
U.S. regional bank Fifth Third Bancorp reported a 14% jump in third-quarter profit on Friday on the back of robust fee income,...
October 15, 2025 07:00 AM
October is Cybersecurity Awareness Month. Here’s how to stay safe from scams
Whether it's romance scams or job scams, impersonators are looking for ways to trick you into giving them money or sharing your personal...
October 07, 2025 07:00 AM
Fifth Third CEO says Comerica deal will expand presence in US middle markets, growth regions
Fifth Third CEO Tim Spence said discussions to buy regional bank Comerica started a few weeks ago when the latter company's CEO Curtis...
October 06, 2025 07:00 AM
Fifth Third to Acquire Comerica
Fifth Third Bancorp (Nasdaq: FITB) and Comerica Incorporated (NYSE: CMA) today announced that they have entered into a definitive merger...
October 06, 2025 07:00 AM
Fifth Third to buy Comerica in $10.9 billion deal to create ninth-largest US bank
Fifth Third on Monday agreed to buy regional lender Comerica in an all-stock deal valued at $10.9 billion, striking the biggest U.S. bank...
October 06, 2025 07:00 AM
Fifth Third to Acquire Comerica in $10.9 B Deal — U.S. Banking Landscape Shifts
Fifth Third Bancorp has struck a $10.9 billion all‑stock deal to acquire Comerica, creating the ninth‑largest U.S. bank.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
FTB CyberSecurity History Information
Official Website of Fifth Third Bank
The official website of Fifth Third Bank is http://www.53.com.
Fifth Third Bank’s AI-Generated Cybersecurity Score
According to Rankiteo, Fifth Third Bank’s AI-generated cybersecurity score is 789, reflecting their Fair security posture.
How many security badges does Fifth Third Bank’ have ?
According to Rankiteo, Fifth Third Bank currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Fifth Third Bank have SOC 2 Type 1 certification ?
According to Rankiteo, Fifth Third Bank is not certified under SOC 2 Type 1.
Does Fifth Third Bank have SOC 2 Type 2 certification ?
According to Rankiteo, Fifth Third Bank does not hold a SOC 2 Type 2 certification.
Does Fifth Third Bank comply with GDPR ?
According to Rankiteo, Fifth Third Bank is not listed as GDPR compliant.
Does Fifth Third Bank have PCI DSS certification ?
According to Rankiteo, Fifth Third Bank does not currently maintain PCI DSS compliance.
Does Fifth Third Bank comply with HIPAA ?
According to Rankiteo, Fifth Third Bank is not compliant with HIPAA regulations.
Does Fifth Third Bank have ISO 27001 certification ?
According to Rankiteo,Fifth Third Bank is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Fifth Third Bank
Fifth Third Bank operates primarily in the Financial Services industry.
Number of Employees at Fifth Third Bank
Fifth Third Bank employs approximately 24,367 people worldwide.
Subsidiaries Owned by Fifth Third Bank
Fifth Third Bank presently has no subsidiaries across any sectors.
Fifth Third Bank’s LinkedIn Followers
Fifth Third Bank’s official LinkedIn profile has approximately 200,311 followers.
NAICS Classification of Fifth Third Bank
Fifth Third Bank is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Fifth Third Bank’s Presence on Crunchbase
No, Fifth Third Bank does not have a profile on Crunchbase.
Fifth Third Bank’s Presence on LinkedIn
Yes, Fifth Third Bank maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/fifth-third-bank.
Cybersecurity Incidents Involving Fifth Third Bank
As of November 27, 2025, Rankiteo reports that Fifth Third Bank has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Fifth Third Bank has an estimated 29,517 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Fifth Third Bank ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Fifth Third Bank detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with firing of employees involved, and communication strategy with warning customers about the misuse of their personal information..
Incident Details
Can you provide details on each incident ?
Title: Fifth Third Bank Data Breach
Description: Fifth Third Bank experienced a data breach where former employees misused customer personal information. The information included names, Social Security numbers, driver's license information, mother's maiden names, addresses, phone numbers, dates of birth, and account numbers. Employees involved were fired.
Type: Data Breach
Attack Vector: Insider Threat
Vulnerability Exploited: Human Error/Insider Threat
Threat Actor: Former Employees
Motivation: Unauthorized Access/Misuse of Information
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach FIF212201222
Data Compromised: Names, Social security numbers, Driver's license information, Mother's maiden names, Addresses, Phone numbers, Dates of birth, Account numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information and .
Which entities were affected by each incident ?
Incident : Data Breach FIF212201222
Entity Name: Fifth Third Bank
Entity Type: Financial Institution
Industry: Banking
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach FIF212201222
Remediation Measures: Firing of employees involved
Communication Strategy: Warning customers about the misuse of their personal information
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach FIF212201222
Type of Data Compromised: Personal information
Sensitivity of Data: High
Personally Identifiable Information: NamesSocial Security NumbersDriver's License InformationMother's Maiden NamesAddressesPhone NumbersDates of BirthAccount Numbers
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Firing of employees involved.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Warning customers about the misuse of their personal information.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach FIF212201222
Customer Advisories: Warning customers about the misuse of their personal information
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Warning customers about the misuse of their personal information.
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach FIF212201222
Root Causes: Insider Threat
Corrective Actions: Firing of employees involved
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Firing of employees involved.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Former Employees.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Social Security Numbers, Driver's License Information, Mother's Maiden Names, Addresses, Phone Numbers, Dates of Birth, Account Numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Social Security Numbers, Phone Numbers, Mother's Maiden Names, Driver's License Information, Addresses, Account Numbers and Dates of Birth.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Warning customers about the misuse of their personal information.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=fifth-third-bank' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
