GCB
Company Details
Linkedin ID:
grupocarrefourbrasil
Employees number:
13,587
Number of followers:
1,838,143
NAICS:
43
Industry Type:
Homepage:
grupocarrefourbrasil.com.br
IP Addresses:
0
Company ID:
GRU_1849702
Scan Status:
In-progress
Grupo Carrefour Brasil Company CyberSecurity Posture
grupocarrefourbrasil.com.br
Reunimos uma equipe com mais de 70.000 colaboradores que representam a diversidade deste país. Hoje, somos um dos maiores empregadores do Brasil. Junto com os nossos fornecedores e parceiros, estamos comprometidos em satisfazer e encantar os consumidores todos os dias, construindo a nossa história com a sociedade. Nas mais de 200 lojas e nos diferentes pontos de contato do Grupo Carrefour (Carrefour Hipermercado, Carrefour Bairro, Carrefour Market, Carrefour Express, Postos, Drogarias e E-commerce), nos relacionamos com mais de um milhão de pessoas todos os dias. As pessoas estão no centro do nosso negócio e, por isso, estamos abertos ao aprendizado constante e à busca de uma melhor maneira em tudo que fazemos.
Grupo Carrefour Brasil A.I CyberSecurity Scoring
GCB Risk Score (AI oriented)Between 800 and 849
GCB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GCB Global Score (TPRM)XXXX
GCB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GCB Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
GCB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GCB
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Grupo Carrefour Brasil in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Grupo Carrefour Brasil in 2025.
Incident Types GCB vs Retail Industry Avg (This Year)
No incidents recorded for Grupo Carrefour Brasil in 2025.
Incident History — GCB (X = Date, Y = Severity)
GCB cyber incidents detection timeline including parent company and subsidiaries
GCB Company Subsidiaries
Reunimos uma equipe com mais de 70.000 colaboradores que representam a diversidade deste país. Hoje, somos um dos maiores empregadores do Brasil. Junto com os nossos fornecedores e parceiros, estamos comprometidos em satisfazer e encantar os consumidores todos os dias, construindo a nossa história com a sociedade. Nas mais de 200 lojas e nos diferentes pontos de contato do Grupo Carrefour (Carrefour Hipermercado, Carrefour Bairro, Carrefour Market, Carrefour Express, Postos, Drogarias e E-commerce), nos relacionamos com mais de um milhão de pessoas todos os dias. As pessoas estão no centro do nosso negócio e, por isso, estamos abertos ao aprendizado constante e à busca de uma melhor maneira em tudo que fazemos.
Loading...
GCB Similar Companies
Sunbelt Rentals, Inc.
At Sunbelt Rentals, we provide the tools, equipment, and support our customers need to build and maintain the world around us. With locations across the U.S. and Canada and a team of passionate experts, we're here to ensure our customers have what they need to get the job done right—safely, efficie
Intermarché
Reconnue pour son combat contre la vie chère, Intermarché s'appuie sur un réseau de 2 328 points de vente en Europe (France, Belgique, Pologne, Portugal). Spécialiste des produits frais, l’enseigne propose différents formats de points de vente pour répondre aux attentes de ses clients : - Interma
At M&S, we're dedicated to being the most trusted retailer, prioritising quality and delivering value. Every day, we bring the magic of M&S to our customers, whenever, wherever and however they want to shop with us. For over a century, we've set the standard, doing the right thing and embracing inno
ARKO Corp. (NASDAQ: ARKO)
ARKO Corp. (Nasdaq: ARKO) is a Fortune 500 company that owns 100% of GPM Investments, LLC and is one of the largest operators of convenience stores and wholesalers of fuel in the United States. Based in Richmond, VA, we operate A Family of Community Brands that offer delicious, prepared foods, beer,
AS Watson
AS Watson Group, the world’s largest international health and beauty retailer, is operating over 17,000 stores under 12 retail brands in 31 markets, with over 130,000 employees worldwide. For the fiscal year 2024, AS Watson Group recorded revenue of over US$24 billion. Every year, we are serving ove
华润创业有限公司
Founded in 1992, China Resources Enterprise, Limited is the Hong Kong flagship subsidiary of China Resources (Holdings) Company Limited in the comprehensive consumer goods and retail services businesses. The Company focuses on three businesses: beer, food and beverage. For the beer division, Chin
ICA Gruppen
ICA Gruppen´s core business is retail. The Group includes ICA Sweden which mainly conduct grocery retail, ICA Real Estate which owns and manages properties, ICA Bank which offers financial services and insurances, Apotek Hjärtat which conducts pharmacy operations. Guidelines: Comments in our chan
Kingfisher plc
Kingfisher plc is an international home improvement company with over 2,000 stores, and operations in eight countries across Europe. We operate under retail banners including B&Q, Castorama, Brico Dépôt, Screwfix, TradePoint and Koçtaş, supported by a team of over 78,000 colleagues. We offer home
IKEA
The IKEA vision is to create a better everyday life for the many people. Our business idea is to offer well-designed, functional and affordable, high-quality home furnishing, produced with care for people and the environment. The IKEA Brand unites more than 200.000 co-workers and hundreds of compan
.png)
GCB CyberSecurity News
September 06, 2025 07:00 AM
How AI Is Helping Retail Companies in Brazil Cut Costs and Improve Efficiency
AI helps Brazilian retail cut costs and boost efficiency via personalization, forecasting, fraud detection and chat commerce - driving...
February 12, 2025 08:00 AM
Carrefour to take full control of Brazilian unit with $920m offer
France retail group Carrefour will acquire all outstanding shares of its Brazilian subsidiary, Grupo Carrefour Brasil (Carrefour Brazil).
October 22, 2024 07:00 AM
Brazil's Carrefour sells off 15 Atacadao sites for $127 million
Food retailer Carrefour Brasil has agreed to sell 15 properties to a real estate fund for 725 million reais ($127.4 million),...
June 29, 2023 07:00 AM
Carrefour Brasil bets on know-how to expand small stores operation
Grupo Carrefour Brasil launched a franchise model of convenience stores in the Brazilian market on Wednesday, aiming to tap into its...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GCB CyberSecurity History Information
Official Website of Grupo Carrefour Brasil
The official website of Grupo Carrefour Brasil is https://www.grupocarrefourbrasil.com.br/.
Grupo Carrefour Brasil’s AI-Generated Cybersecurity Score
According to Rankiteo, Grupo Carrefour Brasil’s AI-generated cybersecurity score is 818, reflecting their Good security posture.
How many security badges does Grupo Carrefour Brasil’ have ?
According to Rankiteo, Grupo Carrefour Brasil currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Grupo Carrefour Brasil have SOC 2 Type 1 certification ?
According to Rankiteo, Grupo Carrefour Brasil is not certified under SOC 2 Type 1.
Does Grupo Carrefour Brasil have SOC 2 Type 2 certification ?
According to Rankiteo, Grupo Carrefour Brasil does not hold a SOC 2 Type 2 certification.
Does Grupo Carrefour Brasil comply with GDPR ?
According to Rankiteo, Grupo Carrefour Brasil is not listed as GDPR compliant.
Does Grupo Carrefour Brasil have PCI DSS certification ?
According to Rankiteo, Grupo Carrefour Brasil does not currently maintain PCI DSS compliance.
Does Grupo Carrefour Brasil comply with HIPAA ?
According to Rankiteo, Grupo Carrefour Brasil is not compliant with HIPAA regulations.
Does Grupo Carrefour Brasil have ISO 27001 certification ?
According to Rankiteo,Grupo Carrefour Brasil is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Grupo Carrefour Brasil
Grupo Carrefour Brasil operates primarily in the Retail industry.
Number of Employees at Grupo Carrefour Brasil
Grupo Carrefour Brasil employs approximately 13,587 people worldwide.
Subsidiaries Owned by Grupo Carrefour Brasil
Grupo Carrefour Brasil presently has no subsidiaries across any sectors.
Grupo Carrefour Brasil’s LinkedIn Followers
Grupo Carrefour Brasil’s official LinkedIn profile has approximately 1,838,143 followers.
NAICS Classification of Grupo Carrefour Brasil
Grupo Carrefour Brasil is classified under the NAICS code 43, which corresponds to Retail Trade.
Grupo Carrefour Brasil’s Presence on Crunchbase
No, Grupo Carrefour Brasil does not have a profile on Crunchbase.
Grupo Carrefour Brasil’s Presence on LinkedIn
Yes, Grupo Carrefour Brasil maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/grupocarrefourbrasil.
Cybersecurity Incidents Involving Grupo Carrefour Brasil
As of November 27, 2025, Rankiteo reports that Grupo Carrefour Brasil has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Grupo Carrefour Brasil has an estimated 15,241 peer or competitor companies worldwide.
Grupo Carrefour Brasil CyberSecurity History Information
How many cyber incidents has Grupo Carrefour Brasil faced ?
Total Incidents: According to Rankiteo, Grupo Carrefour Brasil has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Grupo Carrefour Brasil ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=grupocarrefourbrasil' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
