International Paper
Company Details
Linkedin ID:
international-paper
Employees number:
25,565
Number of followers:
417,652
NAICS:
322
Industry Type:
Homepage:
internationalpaper.com
IP Addresses:
0
Company ID:
INT_9402545
Scan Status:
In-progress
International Paper Company CyberSecurity Posture
internationalpaper.com
International Paper (NYSE: IP; LSE: IPC) is the global leader in sustainable packaging solutions. With company headquarters in Memphis, Tennessee, USA, and EMEA (Europe, Middle East and Africa) headquarters in London, UK, we employ more than 65,000 team members and serve customers around the world with operations in more than 30 countries. Together with our customers, we make the world safer and more productive, one sustainable packaging solution at a time. Learn more at internationalpaper.com.
International Paper A.I CyberSecurity Scoring
International Paper Risk Score (AI oriented)Between 750 and 799
International Paper
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
International Paper Global Score (TPRM)XXXX
International Paper
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
International Paper Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
International Paper Company
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The California Office of the Attorney General reported a data breach involving International Paper Company on November 20, 2023. The breach occurred on May 30, 2023, when an unknown actor accessed the MOVEit Transfer server and potentially exfiltrated personal information of individuals associated with the company's health and welfare plan. The breach involved the potential leak of sensitive personal information, which could have significant consequences for the affected individuals.
International Paper Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for International Paper
Incidents vs Paper and Forest Product Manufacturing Industry Average (This Year)
No incidents recorded for International Paper in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for International Paper in 2026.
Incident Types International Paper vs Paper and Forest Product Manufacturing Industry Avg (This Year)
No incidents recorded for International Paper in 2026.
Incident History — International Paper (X = Date, Y = Severity)
International Paper cyber incidents detection timeline including parent company and subsidiaries
International Paper Company Subsidiaries
International Paper (NYSE: IP; LSE: IPC) is the global leader in sustainable packaging solutions. With company headquarters in Memphis, Tennessee, USA, and EMEA (Europe, Middle East and Africa) headquarters in London, UK, we employ more than 65,000 team members and serve customers around the world with operations in more than 30 countries. Together with our customers, we make the world safer and more productive, one sustainable packaging solution at a time. Learn more at internationalpaper.com.
Loading...
International Paper Similar Companies
RGE
Headquartered in Singapore, RGE is a global group of companies in the bio-based resources and energy sectors, serving over 100 markets worldwide. With more than US$35 billion in assets and a workforce of 80,000 employees, our operations span across Indonesia, China, Brazil, Canada, Spain, and Malays
Suzano
Suzano, the company resulting from the merger of Suzano Pulp & Paper and Fibria, is committed to being a global reference in the sustainable use of natural resources. The world's leading producer of eucalyptus pulp and one of Latin America’s largest paper producers, Suzano exports to more than 80 co
APP Group
APP serves as the holding company for multiple Indonesia pulp and paper manufacturing as well as forestry entities, catering to the increasing global need for high-quality tissue, packaging, and paper. Our products reach over 150 countries spanning six continents. APP Group serves as group name of p
Bio Pappel SAB de CV
  Since its foundation 25 years ago, we have set ourselves three major objectives, which are our company’s mission: to competitively produce paper and paper products, to constantly adhere to the international best business practices and to progressively grow our integral competitive edge to the
Somos a maior produtora e exportadora de papéis para embalagens do Brasil, líderes nos mercados de embalagens de papelão ondulado, sacos industriais e papel-cartão e a única indústria do País a oferecer soluções em celuloses de fibra curta, fibra longa e fluff. Com mais de 120 anos de história, temo
.png)
International Paper CyberSecurity News
December 04, 2025 08:00 AM
Cybersecurity in Manufacturing: Are Seasonal Hires a Risk?
The year-end retail surge strains factories and logistics, but an influx of temporary staff can expose identity and access control gaps.
November 25, 2025 08:00 AM
International Paper’s Corrugated Box Plant, Iowa, USA
International Paper, a US-based pulp and paper company, is constructing a new corrugated box factory in Waterloo, Iowa, US.
November 11, 2025 08:00 AM
ISA position paper explores industrial AI in automation, covering opportunities, risks, cybersecurity considerations
The International Society of Automation (ISA) recently published a position paper that provides a forward-looking perspective on the...
November 06, 2025 08:00 AM
2023-2030 Australian Cyber Security Strategy
On 8 December 2022, the Minister for Cyber Security, the Hon. Clare O'Neil MP, announced the development of the 2023-2030 Australian Cyber...
October 06, 2025 07:00 AM
New cybersecurity survey 2025: AI, scam fears and fraud risks
Discover key trends in fraud and cybersecurity from a new Mastercard global survey, showing AI is heightening anxiety, Gen Z engages more...
October 01, 2025 07:00 AM
LSU Graduate Protects U.S. Energy Industry, Joins Cybersecurity Team at Chevron
Meet Arushi Ghildiyal who recently graduated from LSU with a degree in cybersecurity at 20 years old and is now working for one of the...
October 01, 2025 07:00 AM
New world, new rules: Cybersecurity in an era of uncertainty - The C-suite playbook
Cybersecurity is entering uncharted waters. A rapidly shifting world order and threat environment ― powered by recent, exponential leaps in...
September 17, 2025 07:00 AM
Quantum in focus: how finance is adapting and what else to watch in frontier tech
Top stories: Cybersecurity for banking in the age of quantum technology; RoboBallet unveiled; and AI-powered aerial robots.
August 06, 2025 07:00 AM
Cybersecurity and International Trade
Cybersecurity is a critical foundation for enabling secure and trusted digital flows in today's interconnected global economy.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
International Paper CyberSecurity History Information
Official Website of International Paper
The official website of International Paper is http://www.internationalpaper.com.
International Paper’s AI-Generated Cybersecurity Score
According to Rankiteo, International Paper’s AI-generated cybersecurity score is 775, reflecting their Fair security posture.
How many security badges does International Paper’ have ?
According to Rankiteo, International Paper currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has International Paper been affected by any supply chain cyber incidents ?
According to Rankiteo, International Paper has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does International Paper have SOC 2 Type 1 certification ?
According to Rankiteo, International Paper is not certified under SOC 2 Type 1.
Does International Paper have SOC 2 Type 2 certification ?
According to Rankiteo, International Paper does not hold a SOC 2 Type 2 certification.
Does International Paper comply with GDPR ?
According to Rankiteo, International Paper is not listed as GDPR compliant.
Does International Paper have PCI DSS certification ?
According to Rankiteo, International Paper does not currently maintain PCI DSS compliance.
Does International Paper comply with HIPAA ?
According to Rankiteo, International Paper is not compliant with HIPAA regulations.
Does International Paper have ISO 27001 certification ?
According to Rankiteo,International Paper is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of International Paper
International Paper operates primarily in the Paper and Forest Product Manufacturing industry.
Number of Employees at International Paper
International Paper employs approximately 25,565 people worldwide.
Subsidiaries Owned by International Paper
International Paper presently has no subsidiaries across any sectors.
International Paper’s LinkedIn Followers
International Paper’s official LinkedIn profile has approximately 417,652 followers.
NAICS Classification of International Paper
International Paper is classified under the NAICS code 322, which corresponds to Paper Manufacturing.
International Paper’s Presence on Crunchbase
No, International Paper does not have a profile on Crunchbase.
International Paper’s Presence on LinkedIn
Yes, International Paper maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/international-paper.
Cybersecurity Incidents Involving International Paper
As of January 22, 2026, Rankiteo reports that International Paper has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
International Paper has an estimated 683 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at International Paper ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at International Paper Company
Description: The California Office of the Attorney General reported a data breach involving International Paper Company on November 20, 2023. The breach occurred on May 30, 2023, when an unknown actor accessed the MOVEit Transfer server and potentially exfiltrated personal information of individuals associated with the company's health and welfare plan.
Date Detected: 2023-11-20
Date Publicly Disclosed: 2023-11-20
Type: Data Breach
Attack Vector: Unauthorized Access
Vulnerability Exploited: MOVEit Transfer server
Threat Actor: Unknown
Motivation: Data Exfiltration
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through MOVEit Transfer server.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach INT953072525
Data Compromised: Personal Information
Systems Affected: MOVEit Transfer server
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information.
Which entities were affected by each incident ?
Incident : Data Breach INT953072525
Entity Name: International Paper Company
Entity Type: Corporation
Industry: Paper and Pulp
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach INT953072525
Type of Data Compromised: Personal Information
Data Exfiltration: Potential
References
Where can I find more information about each incident ?
Incident : Data Breach INT953072525
Source: California Office of the Attorney General
Date Accessed: 2023-11-20
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2023-11-20.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach INT953072525
Entry Point: MOVEit Transfer server
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unknown.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-11-20.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-11-20.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal Information.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal Information.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an MOVEit Transfer server.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=international-paper' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
