GREAT EASTERN
Company Details
Linkedin ID:
great-eastern-group
Website:
Employees number:
13,454
Number of followers:
200,807
NAICS:
524
Industry Type:
Homepage:
greateasternlife.com
IP Addresses:
0
Company ID:
GRE_3251199
Scan Status:
In-progress
GREAT EASTERN Company CyberSecurity Posture
greateasternlife.com
Established in 1908, Great Eastern places customers at the heart of everything we do. Our legacy extends beyond our products and services to our culture, which is defined by our core values and how we work. As champions of Integrity, Initiative and Involvement, our core values act as a compass, guiding and inspiring us to embrace the behaviours associated with each value, upholding our promise to our customers - to continue doing our best for them in a sustainable manner. We embrace inclusivity, giving all employees an equal opportunity to shine and play their role in exploring possibilities to deliver innovative insurance solutions. Since 2018, Great Eastern has been a signatory to the United Nations (UN) Principles of Sustainable Insurance. Our sustainability approach around environmental, social, and governance (ESG) considerations play a key role in every business decision we make. We are committed to being a sustainability-driven company to achieve a low-carbon economy by managing the environmental footprint of our operations and incorporating ESG considerations in our investment portfolios; improving people’s lives by actively helping customers live healthier, better and longer; and drive responsible business practices through material ESG risk management. Please note that our career opportunities are only posted on our Career Website (https://gecareers.taleo.net/careersection/ex_singapore/jobsearch.ftl?lang=en&portal=8116760849) and on our authorised job platforms, such as, LinkedIn, JobStreet and eFinancialCareers. We do not initiate any unsolicited calls and all official emails from Great Eastern will be sent from email addresses ending with “@greateasternlife.com or @greateasterngeneral.com”. Should you receive any communications outside from these channels, please do not provide any personal information and do reach out to us at [email protected] for us to assist you and confirm the legitimacy of the content.
GREAT EASTERN A.I CyberSecurity Scoring
GREAT EASTERN Risk Score (AI oriented)Between 750 and 799
GREAT EASTERN
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GREAT EASTERN Global Score (TPRM)XXXX
GREAT EASTERN
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GREAT EASTERN Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
GREAT EASTERN
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Singaporean insurance company Great Eastern Takaful Berhad reported concern about a data breach with mySalam health insurance scheme for the bottom 40 percent of workers. The information compromised includes personal details, home and work address, dependents, monthly income, and frequency of utilising the scheme as well as health details. With the complete data, the Singaporean company would not only be able to conduct market study to ensure the stability of its company in Malaysia, but the data could also be used as a political target. Following the launch of the MySalam scheme, doctor and patient groups have raised concerns about the scheme as they said it lacks details and has insufficient benefits.
GREAT EASTERN Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GREAT EASTERN
Incidents vs Insurance Industry Average (This Year)
No incidents recorded for GREAT EASTERN in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for GREAT EASTERN in 2025.
Incident Types GREAT EASTERN vs Insurance Industry Avg (This Year)
No incidents recorded for GREAT EASTERN in 2025.
Incident History — GREAT EASTERN (X = Date, Y = Severity)
GREAT EASTERN cyber incidents detection timeline including parent company and subsidiaries
GREAT EASTERN Company Subsidiaries
Established in 1908, Great Eastern places customers at the heart of everything we do. Our legacy extends beyond our products and services to our culture, which is defined by our core values and how we work. As champions of Integrity, Initiative and Involvement, our core values act as a compass, guiding and inspiring us to embrace the behaviours associated with each value, upholding our promise to our customers - to continue doing our best for them in a sustainable manner. We embrace inclusivity, giving all employees an equal opportunity to shine and play their role in exploring possibilities to deliver innovative insurance solutions. Since 2018, Great Eastern has been a signatory to the United Nations (UN) Principles of Sustainable Insurance. Our sustainability approach around environmental, social, and governance (ESG) considerations play a key role in every business decision we make. We are committed to being a sustainability-driven company to achieve a low-carbon economy by managing the environmental footprint of our operations and incorporating ESG considerations in our investment portfolios; improving people’s lives by actively helping customers live healthier, better and longer; and drive responsible business practices through material ESG risk management. Please note that our career opportunities are only posted on our Career Website (https://gecareers.taleo.net/careersection/ex_singapore/jobsearch.ftl?lang=en&portal=8116760849) and on our authorised job platforms, such as, LinkedIn, JobStreet and eFinancialCareers. We do not initiate any unsolicited calls and all official emails from Great Eastern will be sent from email addresses ending with “@greateasternlife.com or @greateasterngeneral.com”. Should you receive any communications outside from these channels, please do not provide any personal information and do reach out to us at [email protected] for us to assist you and confirm the legitimacy of the content.
Loading...
GREAT EASTERN Similar Companies
Blue Cross Blue Shield of Michigan
Blue Cross Blue Shield of Michigan is a nonprofit corporation and an independent licensee of the Blue Cross and Blue Shield Association. BCBSM's commitment to Michigan is what differentiates it from other health insurance companies doing business in the state. That mission has never changed. Nea
Seguros SURA
SURA es una compañía que integra en diferentes empresas soluciones en seguros y seguridad social. Su marca se presenta a los clientes como Seguros SURA, ARL SURA y EPS SURA. Existen otras marcas y empresas, especialmente de prestación de servicios, que hacen parte de la Compañía. Nuestra experienc
Munich Re
Munich Re is one of the world’s leading providers of reinsurance, primary insurance and insurance-related risk solutions. The group consists of the reinsurance and ERGO business segments, as well as the capital investment company MEAG. We are globally active and operate in all lines of the insurance
Nationwide
Nationwide, a Fortune 100 company based in Columbus, Ohio, is one of the largest and strongest diversified insurance and financial services organizations in the United States. Nationwide is rated A+ by Standard & Poor's. An industry leader in driving customer-focused innovation, Nationwide provides
American Family Insurance
For more than 90 years, American Family Insurance has built its reputation on sound principles. We strive to provide you industry-leading service, exceptional claims experience and products that build long-term relationships. This is accomplished by treating policyholders fairly in a helpful and car
Chubb
Chubb is a world leader in insurance. With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company
Brown & Brown
Brown & Brown delivers risk management solutions to help protect and preserve what our customers value most. Our two business segments, Retail and Specialty Distribution, offer businesses and individuals a wide range of insurance solutions. We are one of the insurance industry’s most powerful and i
About ICICI Lombard General Insurance Company Limited ICICI Lombard is the leading private general insurance company in the country. The Company offers a comprehensive and well-diversified range of products through multiple distribution channels, including motor, health, crop, fire, personal accide
MAPFRE
At MAPFRE, we’re committed to protecting what matters most to you. That’s why we’re the largest Spanish-owned insurer in the world, the largest multinational insurance company in Latin America and among the 15 largest European groups by premium volume. With a legacy spanning more than 90 years, we’r
.png)
GREAT EASTERN CyberSecurity News
November 18, 2025 08:00 AM
The Complete List of Hacker And Cybersecurity Movies
Hacker's Movie Guide” with Foreword by Steve Wozniak, co-founder of Apple.
September 22, 2025 07:00 AM
Best Master’s in Cybersecurity Online Degrees of 2025
Are you a tech professional interested in the best online master's in cybersecurity programs? Check out our guide to learn everything you...
July 19, 2025 07:00 AM
Striving to keep cyberspace safe: Warren’s Madeline Best sets sights on cybersecurity field
LITTLE HOCKING — A career in the emerging field of cybersecurity is on the horizon for recent Warren High School graduate Madeline Best.
July 08, 2025 07:00 AM
Great Eastern Holdings update: OCBC, the Wongs and SGX are winners
Great Eastern Holdings is set to resume trading following an EGM where 36% of shares of shareholders who voted in person or by proxy voted...
June 25, 2025 07:00 AM
Beating the hackers: US cybersecurity dealmaking hits back against rising attacks - Policymakers have renewed their focus on closing gaps in the nation’s defenses, creating fertile ground for M&A
The persistence and evolution of cybercrime across the US is reshaping M&A in the cybersecurity sector. Driven by escalating threats,...
June 08, 2025 07:00 AM
Eastern WA researchers fight cyber threats at aging U.S. hydropower system
Researchers at PNNL are combining their knowledge of the hydropower system and expertise in cybersecurity to secure the operational technology of the nation's...
January 28, 2025 08:00 AM
Redefining Security: How AI is Changing the Future of Defense
How is artificial intelligence reshaping global security and defense strategies, and what implications does this shift have for the balance of power among...
October 14, 2024 07:00 AM
Whispers from the Dark Web Cave. Cyberthreats in the Middle East
The Kaspersky Digital Footprint Intelligence team analyzed cybersecurity threats coming from dark web cybercriminals who targeted businesses...
September 18, 2024 07:00 AM
Eastern Michigan University hosts “Cybersecurity in Aerospace Engineering” workshop in partnership with Indian Institute of Technology Bombay
EMU hosted a virtual “Cybersecurity in Aerospace Engineering” workshop on August 28, connecting with students from the Indian Institute of Technology (IIT)...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GREAT EASTERN CyberSecurity History Information
Official Website of GREAT EASTERN
The official website of GREAT EASTERN is http://www.greateasternlife.com.
GREAT EASTERN’s AI-Generated Cybersecurity Score
According to Rankiteo, GREAT EASTERN’s AI-generated cybersecurity score is 765, reflecting their Fair security posture.
How many security badges does GREAT EASTERN’ have ?
According to Rankiteo, GREAT EASTERN currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does GREAT EASTERN have SOC 2 Type 1 certification ?
According to Rankiteo, GREAT EASTERN is not certified under SOC 2 Type 1.
Does GREAT EASTERN have SOC 2 Type 2 certification ?
According to Rankiteo, GREAT EASTERN does not hold a SOC 2 Type 2 certification.
Does GREAT EASTERN comply with GDPR ?
According to Rankiteo, GREAT EASTERN is not listed as GDPR compliant.
Does GREAT EASTERN have PCI DSS certification ?
According to Rankiteo, GREAT EASTERN does not currently maintain PCI DSS compliance.
Does GREAT EASTERN comply with HIPAA ?
According to Rankiteo, GREAT EASTERN is not compliant with HIPAA regulations.
Does GREAT EASTERN have ISO 27001 certification ?
According to Rankiteo,GREAT EASTERN is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of GREAT EASTERN
GREAT EASTERN operates primarily in the Insurance industry.
Number of Employees at GREAT EASTERN
GREAT EASTERN employs approximately 13,454 people worldwide.
Subsidiaries Owned by GREAT EASTERN
GREAT EASTERN presently has no subsidiaries across any sectors.
GREAT EASTERN’s LinkedIn Followers
GREAT EASTERN’s official LinkedIn profile has approximately 200,807 followers.
NAICS Classification of GREAT EASTERN
GREAT EASTERN is classified under the NAICS code 524, which corresponds to Insurance Carriers and Related Activities.
GREAT EASTERN’s Presence on Crunchbase
No, GREAT EASTERN does not have a profile on Crunchbase.
GREAT EASTERN’s Presence on LinkedIn
Yes, GREAT EASTERN maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/great-eastern-group.
Cybersecurity Incidents Involving GREAT EASTERN
As of November 27, 2025, Rankiteo reports that GREAT EASTERN has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
GREAT EASTERN has an estimated 14,859 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at GREAT EASTERN ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Great Eastern Takaful Berhad
Description: Singaporean insurance company Great Eastern Takaful Berhad reported concern about a data breach with mySalam health insurance scheme for the bottom 40 percent of workers.
Type: Data Breach
Motivation: Financial and Political
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach GRE95422223
Data Compromised: Personal details, Home and work address, Dependents, Monthly income, Frequency of utilising the scheme, Health details
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Details, Home And Work Address, Dependents, Monthly Income, Frequency Of Utilising The Scheme, Health Details and .
Which entities were affected by each incident ?
Incident : Data Breach GRE95422223
Entity Name: Great Eastern Takaful Berhad
Entity Type: Insurance Company
Industry: Insurance
Location: Malaysia
Customers Affected: bottom 40 percent of workers
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach GRE95422223
Type of Data Compromised: Personal details, Home and work address, Dependents, Monthly income, Frequency of utilising the scheme, Health details
Sensitivity of Data: High
Personally Identifiable Information: Yes
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal details, home and work address, dependents, monthly income, frequency of utilising the scheme, health details and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were frequency of utilising the scheme, health details, personal details, dependents, home and work address and monthly income.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=great-eastern-group' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
