What is the official website of H&M ?

The official website of H&M is https://career.hm.com/.

What is H&M's cybersecurity risk score?

H&M has an AI-generated cybersecurity risk score of 817 out of 1000, indicating a Good security posture according to Rankiteo's assessment.

How many security incidents has H&M experienced?

According to Rankiteo, H&M currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has H&M been affected by any supply chain cyber incidents ?

According to Rankiteo, H&M has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does H&M have SOC 2 Type 1 certification ?

According to Rankiteo, H&M is not certified under SOC 2 Type 1.

Does H&M have SOC 2 Type 2 certification ?

According to Rankiteo, H&M does not hold a SOC 2 Type 2 certification.

Does H&M comply with GDPR ?

According to Rankiteo, H&M is not listed as GDPR compliant.

Does H&M have PCI DSS certification ?

According to Rankiteo, H&M does not currently maintain PCI DSS compliance.

Does H&M comply with HIPAA ?

According to Rankiteo, H&M is not compliant with HIPAA regulations.

Does H&M have ISO 27001 certification ?

According to Rankiteo,H&M is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does H&M operate in ?

H&M operates primarily in the Retail industry.

How many employees does H&M have ?

H&M employs approximately 67,647 people worldwide.

Does H&M own any subsidiaries ?

H&M presently has no subsidiaries across any sectors.

How many LinkedIn followers does H&M have ?

H&M's official LinkedIn profile has approximately 3,381,497 followers.

What is the NAICS classification code for H&M ?

H&M is classified under the NAICS code 43, which corresponds to Retail Trade.

Does H&M have a Crunchbase profile ?

No, H&M does not have a profile on Crunchbase.

Does H&M have a LinkedIn profile ?

Yes, H&M maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/h&m.

How many cybersecurity incidents has H&M experienced ?

As of June 16, 2026, Rankiteo reports that H&M has not experienced any cybersecurity incidents.

How many peer or competitor companies does H&M have ?

H&M has an estimated 15,856 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

H&M

Boost Score +25 with badge (5 left)

817

/1000

Good

842

/1000

Good

H&M Vendor Cyber Rating & Cyber Score

hm.com

Add Your Compliance Badge

At H&M, we welcome you to be yourself and feel like you truly belong. Help us reimagine the future of an entire industry by making everyone look, feel, and do good. We take pride in our history of making fashion accessible to everyone and led by our values we strive to build a more welcoming, inclusive, and sustainable industry. We are privileged to have more than 120,000 colleagues, in over 75 countries across the world. That’s 120 000 individuals with unique experiences, skills, and passions. At H&M, we believe everyone can make an impact, we believe in giving people responsibility and a strong sense of ownership. Our business is your business, and when you grow, we grow.

H&M A.I CyberSecurity Scoring

Scoring History

H&M

H&M CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

H&M Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for H&M

Incidents vs Retail Industry Avg (This Year)

No incidents recorded for H&M in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for H&M in 2026.

Incident Types H&M vs Retail Industry Avg (This Year)

No incidents recorded for H&M in 2026.

Incident History - H&M (X = Date, Y = Severity)

Loading…

SUBSIDIARY

H&M Subsidiaries

H&M

Retail

Website: https://career.hm.com/

Company Size: 67,647

H&M GroupRetail

COSRetail Apparel and Fashion

AfoundRetail

MonkiRetail

WeekdayRetail Apparel and Fashion

SellpyRetail

H&M FoundationNon-profit Organizations

Cheap MondayRetail Apparel and Fashion

Singular SocietyRetail

ARKETRetail

& Other StoriesRetail Apparel and Fashion

Loading…

H&M Similar Companies

Grupo Dia

diacorporate.com

With more than 40 years history, Grupo DIA is a Spanish multinational in the food, drugstore, beauty and health distribution sector. DIA arrived with the commitment to respond to the needs of all families, offering quality at the best price through a wide network of local shops. Since then, our effort in contributing to the family economy of our customers has remained in time. Currently, we have the largest network of stores: more than 6,600 establishments distributed between Spain, Portugal, Brazil and Argentina. The success of our business is the result of the commitment of our teams, with more than 39,000 experienced employees, led by a team of professionals with great knowledge of the market, with the aim of making DIA the favourite choice of consumers.

Spencer's

SpencersOnline.com

We are a lifestyle retail company with two unique brands located throughout the U.S., Canada, and online. Our Home Office is located just minutes from the beach in Egg Harbor Township, NJ. At Spencer's and Spirit Halloween, we do the right thing always - integrity, fairness, respect, and transparency are our foundation. You will find our culture to be inclusive, passionate, resilient, and one that values differences and embraces all. We are leaders and owners of our business success. Whether it’s developing new and exclusive costumes, quality testing products, or implementing technology solutions, our teams understand the value of working collaboratively to embrace change through innovation, curiosity, and thoughtfulness. We are authentic, professional providers of fun, focused on building a Great Place to Work For All by staying true to our mission: “Life’s A Party, We’re Makin’ It Fun!” and “So Much Fun It’s Scary!”

GPA

gpabr.com

We are one of the largest food retail companies in Brazil. We were pioneers with a multi-format and multi-channel business model that brings together renowned chains and brands such as Pão de Açúcar and Extra, Minuto Pão de Açúcar, Pão de Açúcar Fresh and Mini Extra. In addition to our own and exclusive brands Qualitá, Taeq and Club des Sommeliers. We have more than 765 physical stores and are leaders in food e-commerce in Brazil, working tirelessly to be the best choice for our customers and the pride of our team. We are driven by a passion to serve and win. Our people are committed to our values to offer the best shopping experience in our stores. In all areas, regardless of role or position, everyone is focused on serving and delighting our customers every day.

H-E-B

heb.com

H-E-B is headquartered in San Antonio, Texas with approximately $46 billion in revenue and 160,000+ Partners. Founded in 1905, H-E-B operates more than 435 stores in a number of formats, including H-E-B, Joe V’s Smart Shop, Central Market, Mi Tienda, and Favor. There are truly aisles and aisles of opportunity at H-E-B! From Stores, Manufacturing, Supply Chain or Transportation, to Digital, Corporate and Wellness - Career opportunities at H-E-B are endless. Our company is the largest private company in Texas and one of the 15 largest privately held companies in the U.S. At H-E-B, Each & Every Person Counts. Regularly named a top employer and retailer, H-E-B's Partners (employees), who are owners in our company, are at the heart of what makes our business successful and great. With a humility rooted in our Helping Here philosophy, H-E-B's Partners serve all Texans with open arms and a smile, and demonstrate our collective commitment to take care of Texas. At H-E-B, a job is more than just a job - it's an opportunity for a rewarding career that allows you to use your unique talents and passions to innovate and make the lives of Texans better.

Wesfarmers

cb wesfarmers.com.au

Wesfarmers — a diversified corporation From its origins in 1914 as a Western Australian farmers' cooperative, Wesfarmers has grown into one of Australia's largest listed companies. With headquarters in Western Australia, its diverse business operations cover: home improvement and outdoor living; apparel and general merchandise; office supplies; and an Industrials division with businesses in chemicals, energy and fertilisers, and industrial and safety products. Wesfarmers is one of Australia's largest employers and has a shareholder base of approximately 484,000. The primary objective of Wesfarmers is to provide a satisfactory return to its shareholders. The company aims to achieve this by: * satisfying the needs of customers through the provision of goods and services on a competitive and professional basis; * providing a safe and fulfilling working environment for employees, rewarding good performance and providing opportunities for advancement; * contributing to the growth and prosperity of the countries in which it operates by conducting existing operations in an efficient manner and by seeking out opportunities for expansion; * responding to the attitudes and expectations of the communities in which the company operates; * placing a strong emphasis on protection of the environment; and * acting with integrity and honesty in dealings both inside and outside the company.

Endeavour Group

endeavourgroup.com.au

At Endeavour Group we exist to bring people together in better, more enjoyable, and more meaningful ways. Because we believe that social communities are thriving communities, built through great experiences and positive, memorable moments. United behind a common purpose of ‘Creating a more sociable future together’, we are a 28,000+ strong team with more than 1600 stores and 330 hotels nationally, including leading brands such as Dan Murphy’s, BWS and ALH Hotels. Our portfolio of complementary brands and businesses allows us to curate our brand propositions to meet customer needs. Each of our businesses has its own distinct value proposition, built through shared capabilities in format, range, digital, data and analytics that form the foundations of Endeavour Group’s market leadership in retail drinks and hospitality. For more information, including to access our social media guidelines, visit https://www.endeavourgroup.com.au/social-media-community-guidelines

Shoppers Drug Mart

shoppersdrugmart.ca

Built on a foundation of professional expertise and personal service, Shoppers Drug Mart has been meeting Canadians' health care needs for 50 years. What was once a small pharmacy in Toronto has grown into an organization of over 1,200 stores from coast to coast, becoming an indelible part of the lives of Canadians, young and old. Yet despite our growth, we have never forgotten our origins. We have always remained true to our belief that the personal satisfaction of each and every customer is at the root of our success - and it can only be ensured by the commitment of people who realize that success is built one customer at a time.

Harris Teeter

harristeeter.com

Founded in 1960 in North Carolina, Harris Teeter has been enriching the lives of our customers and our communities for decades. Today, Harris Teeter employs 36,000 valued associates and operates more than 250 stores and 70 fuel centers in seven states and the District of Columbia. In addition to our retail stores, we operate grocery, frozen food and perishable distribution centers in Greensboro and Indian Trail, North Carolina. From fresh, high-quality products to innovative offerings, Harris Teeter delivers an exceptional shopping experience at a great value, which is why Harris Teeter is proud to be ‘your neighborhood market.’ Harris Teeter is committed to not only supporting its communities by donating millions in food and funds to non-profits each year, but we also support our valued associates by offering comprehensive benefits, career growth opportunities and an incredible work culture. This commitment demonstrates Harris Teeter’s purpose to Enrich Lives: One Meal, One Family, One Associate and One Community at a time. Harris Teeter’s History: In 1936, W.T. Harris borrowed $1,500 to open the first Harris Food Store in Charlotte, North Carolina. The store was founded on three principles: high-quality products, clean stores and superior customer service. Harris was considered a pioneer of the grocery industry and opened the first supermarket that featured air-conditioning and stayed open until 9 p.m. on Friday nights. Just a few years later, Willis L. Teeter and his brother, Paul, opened their first Teeter’s Food Mart in Mooresville, North Carolina. On February 1, 1960, Harris Super Markets and Teeter’s Food Marts merged to form Harris Teeter Super Markets, Inc. with 15 stores in operation. Now with more than 250 stores and 36,000 valued associates, Harris Teeter is proud to provide an exceptional shopping experience to millions of customers each year.

Genesco

genesco.com

Genesco is a footwear focused specialty retailer and branded company with more than 1,400 stores in the U.S., Canada, the U.K. and Republic of Ireland. We also sell footwear at wholesale under the Johnston & Murphy brand, and through licensing agreements under the Levi’s, Dockers, Bass and other footwear brands. Today our portfolio of brands ranges from fashion footwear with an attitude to timeless brands.

Loading…

NEWS

H&M CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

June 05, 2026 07:13 PM

2026 FIFA World Cup: Group H preview, what to know

Group H at the 2026 FIFA World Cup will feature Spain, Cape Verde, Saudi Arabia and Uruguay. The top two teams from each group,...

Read Article

June 05, 2026 07:03 PM

Charles H. Newman

Charles H. Newman, 83, of Marionville, passed away Monday, May 18, 2026 at Ozarks Methodist Manor in Marionville. He was born on May 22,...

Read Article

June 05, 2026 06:48 PM

Charles H. Northrup Sr. Obituary (2026) - Rensselaer, NY - Wm. J. Rockefeller Funeral Home, Inc. - Rensselaer

Charles Northrup Obituary Charles H. Northrup, Sr., (Charlie) 71, of Schenectady, passed away Tuesday, June 2nd 2026, at home.

Read Article

June 05, 2026 06:34 PM

Central Ohio Leaders, 4-H Members Prepare for Ronald McDonald House Celebrity Steer Show

WSYX3 FOX28 provides local news, weather forecasts and alerts, traffic updates, consumer advocacy, and the latest information about sports, politics,...

Read Article

June 05, 2026 06:27 PM

Not targeting India: US says its H-1B visa laws are being applied globally

Amid immigration concerns among Indians in the US on visas such as H-1B, a senior American official has said that the country's visa laws...

Read Article

June 05, 2026 06:25 PM

Central Ohio Leaders, 4-H Members Prepare for Ronald McDonald House Celebrity Steer Show

Community leaders, local media personalities, and Ohio 4-H members gathered Friday at the Ohio Expo Center to prepare for the Ronald...

Read Article

June 05, 2026 06:16 PM

Leona H. Ployer Obituary (2026) - Lynn, MA - Solimine Funeral Homes - Broadway

Leona Ployer Obituary Leona Helen Ployer, 96, peacefully passed away on Sunday, May 10, 2026, at Little Creek Care, surrounded by her loving...

Read Article

June 05, 2026 06:14 PM

A Look At H & M Hennes & Mauritz (OM:HM B) Valuation After Recent Mixed Share Performance

Recent share performance and business snapshot H & M Hennes & Mauritz (OM:HM B) stock has been relatively mixed in recent trading,...

Read Article

June 05, 2026 06:11 PM

3 Grant County 4-H teams rank in top 5 at International SeaPerchChallenge

The Arkansas 4-H program left its mark on the 2026 International SeaPerch Challenge, where three Grant County 4-H teams ranked among the top...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…