Grupo Fleury
Company Details
Linkedin ID:
grupo-fleury
Website:
Employees number:
14,276
Number of followers:
882,509
NAICS:
71394
Industry Type:
Homepage:
grupofleury.com.br
IP Addresses:
0
Company ID:
GRU_2773742
Scan Status:
In-progress
Grupo Fleury Company CyberSecurity Posture
grupofleury.com.br
O Grupo Fleury é reconhecido como uma referência de qualidade em medicina diagnóstica no país, com soluções completas, coordenação de cuidado centrada no indivíduo, capacidade de inovação e tecnologia. Temos um portfólio de saúde integrado, preventivo e híbrido, nascemos como um laboratório e evoluímos para ofertas completas de medicina diagnóstica em unidades de atendimento, operações B2B e Lab-to-Lab. Atualmente, o Grupo combina ofertas físicas e digitais, integrando medicina diagnóstica, plataforma de saúde e novos elos da cadeia de saúde, com amplo portfólio de serviços em diferentes especialidades como infusão de medicamentos, medicina reprodutiva, ortopedia, oftalmologia, centro cirúrgico ambulatorial e oncologia. A companhia vivencia as melhores práticas em ESG desde a sua fundação, há quase 100 anos, atuando sempre com protagonismo, exercendo uma cultura organizacional consciente e que compreende o ciclo de impactos gerados. Mais do que isso, tem evoluído em seu conjunto de práticas, mantendo o propósito de ampliar o acesso à saúde, levando qualidade e portfólio de serviços e soluções para cada vez mais brasileiras e brasileiros. O Grupo Fleury é formado por um time de mais de 27 mil pessoas. Estamos presentes (na frente B2C) em 13 estados e no Distrito Federal, somando mais de 500 Unidades de Atendimento. Seguimos engajados em nossa ambição: fortalecer-se como um dos líderes de saúde no Brasil por meio de soluções e experiências cada vez mais completas, integradas e sustentáveis na jornada de saúde e bem-estar das pessoas.
Grupo Fleury A.I CyberSecurity Scoring
Grupo Fleury Risk Score (AI oriented)Between 750 and 799
Grupo Fleury
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Grupo Fleury Global Score (TPRM)XXXX
Grupo Fleury
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Grupo Fleury Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Grupo Fleury
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Brazil-based healthcare company Grupo Fleury was targeted in a REvil ransomware attack that led to the disruption of its operations. The company’s systems remained down and the services on the page displayed that they are unavailable because of an attempted external attack. With the systems offline, business operations were disrupted, and customers were not able to timetable lab investigations or other clinical exams online. However, the group prioritized the restoration of services using “all technical resources and efforts.
Grupo Fleury Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Grupo Fleury
Incidents vs Wellness and Fitness Services Industry Average (This Year)
No incidents recorded for Grupo Fleury in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Grupo Fleury in 2025.
Incident Types Grupo Fleury vs Wellness and Fitness Services Industry Avg (This Year)
No incidents recorded for Grupo Fleury in 2025.
Incident History — Grupo Fleury (X = Date, Y = Severity)
Grupo Fleury cyber incidents detection timeline including parent company and subsidiaries
Grupo Fleury Company Subsidiaries
O Grupo Fleury é reconhecido como uma referência de qualidade em medicina diagnóstica no país, com soluções completas, coordenação de cuidado centrada no indivíduo, capacidade de inovação e tecnologia. Temos um portfólio de saúde integrado, preventivo e híbrido, nascemos como um laboratório e evoluímos para ofertas completas de medicina diagnóstica em unidades de atendimento, operações B2B e Lab-to-Lab. Atualmente, o Grupo combina ofertas físicas e digitais, integrando medicina diagnóstica, plataforma de saúde e novos elos da cadeia de saúde, com amplo portfólio de serviços em diferentes especialidades como infusão de medicamentos, medicina reprodutiva, ortopedia, oftalmologia, centro cirúrgico ambulatorial e oncologia. A companhia vivencia as melhores práticas em ESG desde a sua fundação, há quase 100 anos, atuando sempre com protagonismo, exercendo uma cultura organizacional consciente e que compreende o ciclo de impactos gerados. Mais do que isso, tem evoluído em seu conjunto de práticas, mantendo o propósito de ampliar o acesso à saúde, levando qualidade e portfólio de serviços e soluções para cada vez mais brasileiras e brasileiros. O Grupo Fleury é formado por um time de mais de 27 mil pessoas. Estamos presentes (na frente B2C) em 13 estados e no Distrito Federal, somando mais de 500 Unidades de Atendimento. Seguimos engajados em nossa ambição: fortalecer-se como um dos líderes de saúde no Brasil por meio de soluções e experiências cada vez mais completas, integradas e sustentáveis na jornada de saúde e bem-estar das pessoas.
Loading...
Grupo Fleury Similar Companies
Massage Envy
Massage Envy is the nation’s #1 provider of massage collectively across its franchise network and a national leader in skin care. All Massage Envy locations are independently owned and operated franchises, where the franchisee is the sole employer of all positions. Massage Envy combines big-brand r
Herbalife
Herbalife is a global health and wellness community born to support you in living your best life. For over 40 years and in more than 90 countries, we’ve empowered millions of people to make real changes to their lives with our science-backed products, the support of a coach – what we call an Herbali
Forever Living Products (Home Office)
Forever Living Products and its affiliates are the largest growers, manufacturers and distributors of aloe vera products in the world. The key to Forever's success is commitment to quality and purity. With offices in over 160 countries and Forever Business Owners worldwide, our goal is to provide a
Planet Fitness is taking the fitness industry by storm! Enhancing people’s lives with an affordable, high-quality fitness experience requires a team of inspiring, motivated and fun-loving go-getters. As one of the largest and fastest-growing franchisors and operators of fitness centers in the Unit
Gold's Gym
Gold’s Gym has been the world’s trusted fitness authority since 1965. From its beginning as a small gym in Venice, California, Gold’s Gym has grown into a global icon with more than 700 locations serving 3 million people across six continents each day. Whether you are an industry professional or i
Somos a maior rede de academias da América Latina, com o propósito de democratizar o fitness de alto padrão. Estamos presentes em 15 países, contando com mais de 1500 academias. Atendemos mais de 4 milhões de alunos e contamos com nossa gente de mais de 7 mil colaboradores dedicados, empenhados em o
LA Fitness is a privately owned fitness club chain. LA Fitness has hundreds of health clubs gyms and millions of members across US and Canada. In an industry often equated with fad and fashion, LA Fitness has steadily increased its presence by focusing on the one lifelong benefit valued by everyone:
Purpose Brands, LLC
Purpose Brands, LLC provides fitness, nutrition and wellness support and services to more than 7,000 communities and millions of people around the world. We own and operate the world’s largest and most trusted portfolio of fitness, health and wellness franchise brands and services: Anytime Fit
American Heart Association
Welcome to the American Heart Association’s movement to change the future of health and be the progress that ensures longer, healthier lives for all. By driving breakthroughs in science, policy, and care – together -- we can overcome today’s biggest health challenges and transform lives every day.
.png)
Grupo Fleury CyberSecurity News
June 23, 2021 07:00 AM
Healthcare giant Grupo Fleury hit by REvil ransomware attack
Brazilian medical diagnostic company Grupo Fleury has suffered a ransomware attack that has disrupted business operations after the company took its systems...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Grupo Fleury CyberSecurity History Information
Official Website of Grupo Fleury
The official website of Grupo Fleury is http://www.grupofleury.com.br/.
Grupo Fleury’s AI-Generated Cybersecurity Score
According to Rankiteo, Grupo Fleury’s AI-generated cybersecurity score is 766, reflecting their Fair security posture.
How many security badges does Grupo Fleury’ have ?
According to Rankiteo, Grupo Fleury currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Grupo Fleury have SOC 2 Type 1 certification ?
According to Rankiteo, Grupo Fleury is not certified under SOC 2 Type 1.
Does Grupo Fleury have SOC 2 Type 2 certification ?
According to Rankiteo, Grupo Fleury does not hold a SOC 2 Type 2 certification.
Does Grupo Fleury comply with GDPR ?
According to Rankiteo, Grupo Fleury is not listed as GDPR compliant.
Does Grupo Fleury have PCI DSS certification ?
According to Rankiteo, Grupo Fleury does not currently maintain PCI DSS compliance.
Does Grupo Fleury comply with HIPAA ?
According to Rankiteo, Grupo Fleury is not compliant with HIPAA regulations.
Does Grupo Fleury have ISO 27001 certification ?
According to Rankiteo,Grupo Fleury is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Grupo Fleury
Grupo Fleury operates primarily in the Wellness and Fitness Services industry.
Number of Employees at Grupo Fleury
Grupo Fleury employs approximately 14,276 people worldwide.
Subsidiaries Owned by Grupo Fleury
Grupo Fleury presently has no subsidiaries across any sectors.
Grupo Fleury’s LinkedIn Followers
Grupo Fleury’s official LinkedIn profile has approximately 882,509 followers.
NAICS Classification of Grupo Fleury
Grupo Fleury is classified under the NAICS code 71394, which corresponds to Fitness and Recreational Sports Centers.
Grupo Fleury’s Presence on Crunchbase
No, Grupo Fleury does not have a profile on Crunchbase.
Grupo Fleury’s Presence on LinkedIn
Yes, Grupo Fleury maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/grupo-fleury.
Cybersecurity Incidents Involving Grupo Fleury
As of December 10, 2025, Rankiteo reports that Grupo Fleury has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Grupo Fleury has an estimated 12,079 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Grupo Fleury ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Grupo Fleury detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with prioritized restoration of services using all technical resources and efforts..
Incident Details
Can you provide details on each incident ?
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware GRU2029251122
Systems Affected: Healthcare SystemsOnline Services
Operational Impact: Disruption of business operations and inability to schedule lab investigations or clinical exams online
Which entities were affected by each incident ?
Incident : Ransomware GRU2029251122
Entity Name: Grupo Fleury
Entity Type: Healthcare Company
Industry: Healthcare
Location: Brazil
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware GRU2029251122
Remediation Measures: Prioritized restoration of services using all technical resources and efforts
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Prioritized restoration of services using all technical resources and efforts.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware GRU2029251122
Ransomware Strain: REvil
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an REvil.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Healthcare SystemsOnline Services.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=grupo-fleury' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
