Integris
Company Details
Linkedin ID:
integris-it
Website:
Employees number:
545
Number of followers:
9,653
NAICS:
5415
Industry Type:
Homepage:
integrisit.com
IP Addresses:
0
Company ID:
INT_2585758
Scan Status:
In-progress
Integris Company CyberSecurity Posture
integrisit.com
At Integris, we believe we’re better together. We’re bringing together some of best managed IT service providers in a strong, national network. Through it, we’re able to offer small and medium-sized businesses the best in local, onsite service and strategic guidance, while backing them up with a national network of 24/7 service desk coverage, cybersecurity monitoring, and compliance services led by our CISO team. Our rapid deployment of mergers and acquisitions is growing our network across the country, allowing each of our Integris offices to provide SOC2 Compliant operations and the gold standard in consistent service and products. Want to learn more? Visit our website at www.integrisit.com.
Integris A.I CyberSecurity Scoring
Integris Risk Score (AI oriented)Between 700 and 749
Integris
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Integris Global Score (TPRM)XXXX
Integris
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Integris Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Integris
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Integris Health patients have been receiving threatening emails claiming that personal information was compromised in a cyberattack on the healthcare network and that the information would be sold to other unscrupulous parties if they do not pay the demands made of them. INTEGRIS Health secured the area and started looking into the type and extent of the activity. Files may have been accessed by an unauthorised individual, it was discovered. The hackers stated in the emails they sent to patients that they had conducted a cyberattack and stolen the personal information of over two million patients. Social Security numbers, dates of birth, residences, phone numbers, insurance information, and employer details were all included in the material.
Integris Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Integris
Incidents vs IT Services and IT Consulting Industry Average (This Year)
No incidents recorded for Integris in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Integris in 2025.
Incident Types Integris vs IT Services and IT Consulting Industry Avg (This Year)
No incidents recorded for Integris in 2025.
Incident History — Integris (X = Date, Y = Severity)
Integris cyber incidents detection timeline including parent company and subsidiaries
Integris Company Subsidiaries
At Integris, we believe we’re better together. We’re bringing together some of best managed IT service providers in a strong, national network. Through it, we’re able to offer small and medium-sized businesses the best in local, onsite service and strategic guidance, while backing them up with a national network of 24/7 service desk coverage, cybersecurity monitoring, and compliance services led by our CISO team. Our rapid deployment of mergers and acquisitions is growing our network across the country, allowing each of our Integris offices to provide SOC2 Compliant operations and the gold standard in consistent service and products. Want to learn more? Visit our website at www.integrisit.com.
Loading...
Integris Similar Companies
Oracle
We’re a cloud technology company that provides organizations around the world with computing infrastructure and software to help them innovate, unlock efficiencies and become more effective. We also created the world’s first – and only – autonomous database to help organize and secure our customers’
ITC Infotech
ITC Infotech is a global technology solution and services leader providing business-friendly solutions, that enable future-readiness for clients. We seamlessly bring together digital expertise, strong industry-specific alliances, and deep domain expertise from ITC Group businesses. Our solutions and
Gainwell Technologies
For 50 years, our nation’s federal Medicaid program has worked to improve the health, safety and well-being of America’s most vulnerable populations: low-income families, women and children, seniors, and those with disabilities. With positive health and cost outcomes that pierce inequities and impac
Verizon
We get you. You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. You’ll find all that here. Because we empower you. We power and empower how people live, work and play by connecting them to what bri
ASGN Incorporated
ASGN Incorporated (NYSE: ASGN) is a leading provider of IT services and solutions across the commercial and government sectors. ASGN helps corporate enterprises and government organizations develop, implement and operate critical IT and business solutions through its integrated offerings. For more i
Infinite Computer Solutions
Infinite is a global leader in technology modernization, next-gen IT services and solutions, and digital engineering, with over two decades of experience helping clients turn digital transformation into business value. Leveraging an AI-first approach, we combine leading technologies, innovative plat
iSoftStone
iSoftStone is a global IT service and consulting company‚ÄØthat creates value and drives success through technology solutions, service excellence, and digital innovation. We specialize in web and application development, software testing and support, data and content management, digital experience,
Birlasoft
Navigating Change. Powering Progress. | Reimagining the Future with Birlasoft Birlasoft, a powerhouse where domain expertise, enterprise solutions, and digital technologies converge to redefine business processes. We take pride in our consultative and design thinking approach, driving societal pro
Conduent delivers digital business solutions and services spanning the commercial, government and transportation spectrum – creating valuable outcomes for its clients and the millions of people who count on them. We leverage cloud computing, artificial intelligence, machine learning, automation and
.png)
Integris CyberSecurity News
October 19, 2025 07:00 AM
$30M settlement reached in data breach affecting 2.4M patients
The ransomware attack on Integris Health, a nonprofit health system in Oklahoma, happened in late 2023. Victims of the breach said they were...
October 14, 2025 07:00 AM
$30 Million Settlement Agreed to Resolve Integris Health Class Action Data Breach Lawsuit
Integris Health has completed the review of the files that were accessed/stolen in its November 2023 cyberattack and has reported the incident to the...
August 12, 2025 07:00 AM
Integris Earns Ranking on 2025 Inc. 5000 List for Fourth Consecutive Year
PRNewswire/ -- Integris, a national leader in future-ready managed services, announces its fourth consecutive ranking on the influential...
July 25, 2025 07:00 AM
Glenn Mathis, Integris: “making enterprise-grade cybersecurity accessible for SMBs”
Integris is a full-service, future-ready managed service provider, offering small to midsize businesses flexible service plans with full cost...
June 17, 2025 07:00 AM
Integris Acquires TechMD to Expand Managed Services and Cybersecurity Platform
Integris Acquires TechMD to Expand Managed Services and Cybersecurity Platform · Expanding Cybersecurity Capabilities with MDR and Compliance...
June 17, 2025 07:00 AM
OMERS Private Equity-backed Integris buys cybersecurity biz TechMD
OMERS Private Equity-backed Integris buys cybersecurity biz TechMD ... Integris, a portfolio company of OMERS Private Equity, has acquired TechMD,...
June 16, 2025 07:00 AM
TechMD Announces its Acquisition by Integris
TechMD, a leading provider of cybersecurity and IT managed services, announced today that it has been acquired by Integris,...
June 16, 2025 07:00 AM
Integris Acquires TechMD
Integris, a national leader in future-ready managed services, backed by OMERS Private Equity, today announces the acquisition of premier managed service...
June 02, 2025 07:00 AM
Consumers Prefer U.S.-Made Goods, But Don’t Want to Pay Extra: Integris Report
While American consumers are showing renewed interest in products made in the United States, outdated technology is threatening to undermine...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Integris CyberSecurity History Information
Official Website of Integris
The official website of Integris is https://integrisit.com/.
Integris’s AI-Generated Cybersecurity Score
According to Rankiteo, Integris’s AI-generated cybersecurity score is 717, reflecting their Moderate security posture.
How many security badges does Integris’ have ?
According to Rankiteo, Integris currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Integris have SOC 2 Type 1 certification ?
According to Rankiteo, Integris is not certified under SOC 2 Type 1.
Does Integris have SOC 2 Type 2 certification ?
According to Rankiteo, Integris does not hold a SOC 2 Type 2 certification.
Does Integris comply with GDPR ?
According to Rankiteo, Integris is not listed as GDPR compliant.
Does Integris have PCI DSS certification ?
According to Rankiteo, Integris does not currently maintain PCI DSS compliance.
Does Integris comply with HIPAA ?
According to Rankiteo, Integris is not compliant with HIPAA regulations.
Does Integris have ISO 27001 certification ?
According to Rankiteo,Integris is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Integris
Integris operates primarily in the IT Services and IT Consulting industry.
Number of Employees at Integris
Integris employs approximately 545 people worldwide.
Subsidiaries Owned by Integris
Integris presently has no subsidiaries across any sectors.
Integris’s LinkedIn Followers
Integris’s official LinkedIn profile has approximately 9,653 followers.
NAICS Classification of Integris
Integris is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.
Integris’s Presence on Crunchbase
Yes, Integris has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/domain-computer-services.
Integris’s Presence on LinkedIn
Yes, Integris maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/integris-it.
Cybersecurity Incidents Involving Integris
As of November 27, 2025, Rankiteo reports that Integris has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Integris has an estimated 36,263 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Integris ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Integris detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with secured the area and started investigation..
Incident Details
Can you provide details on each incident ?
Title: Integris Health Data Breach
Description: Integris Health patients received threatening emails claiming that their personal information was compromised in a cyberattack. The hackers demanded payment to prevent the information from being sold to other unscrupulous parties.
Type: Data Breach
Attack Vector: Email Threats
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Threats.
Impact of the Incidents
What was the impact of each incident ?
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Social Security Numbers, Dates Of Birth, Residences, Phone Numbers, Insurance Information, Employer Details and .
Which entities were affected by each incident ?
Incident : Data Breach INT21125224
Entity Name: Integris Health
Entity Type: Healthcare Network
Industry: Healthcare
Customers Affected: Over two million patients
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach INT21125224
Containment Measures: Secured the area and started investigation
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach INT21125224
Type of Data Compromised: Social security numbers, Dates of birth, Residences, Phone numbers, Insurance information, Employer details
Number of Records Exposed: Over two million
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by secured the area and started investigation.
Ransomware Information
Was ransomware involved in any of the incidents ?
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach INT21125224
Investigation Status: Ongoing
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach INT21125224
Entry Point: Email Threats
High Value Targets: Patient data
Data Sold on Dark Web: Patient data
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was Yes.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Yes.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Secured the area and started investigation.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Yes.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was Yes.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Threats.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=integris-it' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
