International SOS
Company Details
Linkedin ID:
international-sos
Website:
Employees number:
12,309
Number of followers:
455,742
NAICS:
62
Industry Type:
Homepage:
internationalsos.com
IP Addresses:
0
Company ID:
INT_1608968
Scan Status:
In-progress
International SOS Company CyberSecurity Posture
internationalsos.com
The International SOS Group of Companies has been in the business of saving lives for over 40 years. Protecting global workforces from health and security threats, we deliver customised health, security risk management and wellbeing solutions to fuel our clients’ growth and productivity. In the event of extreme weather, an epidemic or a security incident, we provide an immediate response providing peace of mind. Our innovative technology and medical expertise with a focus on prevention, offers real-time, actionable insights and unparalleled on-the-ground delivery. We help clients meet compliance reporting needs for good governance. By partnering with us organisations can fulfil their Duty of Care responsibilities, while empowering business resilience, continuity and sustainability. Founded in 1985, the International SOS Group, headquartered in London & Singapore, is trusted by 9,000 organisations, including the majority of the Fortune Global 500 as well as mid-size enterprises, governments, educational institutions, and NGOs. 12,000 multi-cultural medical, security and logistics experts stand with you to provide support & assistance from over 1,200 locations in 90 countries, 24/7, 365 days. To protect your workforce, we are at your fingertips: www.internationalsos.com For news and events updates follow us on Twitter - https://twitter.com/IntlSOS
International SOS A.I CyberSecurity Scoring
International SOS Risk Score (AI oriented)Between 750 and 799
International SOS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
International SOS Global Score (TPRM)XXXX
International SOS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
International SOS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
International SOS Assistance, Inc
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported that International SOS Assistance, Inc. experienced a data breach on August 24, 2013, potentially compromising personal information of a small number of members, including names, passport numbers, and possibly social security numbers. The incident was reported on October 25, 2013, and involved unauthorized access to some data files, with 24/7 monitoring and identity theft protection offered to affected individuals.
International SOS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for International SOS
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for International SOS in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for International SOS in 2025.
Incident Types International SOS vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for International SOS in 2025.
Incident History — International SOS (X = Date, Y = Severity)
International SOS cyber incidents detection timeline including parent company and subsidiaries
International SOS Company Subsidiaries
The International SOS Group of Companies has been in the business of saving lives for over 40 years. Protecting global workforces from health and security threats, we deliver customised health, security risk management and wellbeing solutions to fuel our clients’ growth and productivity. In the event of extreme weather, an epidemic or a security incident, we provide an immediate response providing peace of mind. Our innovative technology and medical expertise with a focus on prevention, offers real-time, actionable insights and unparalleled on-the-ground delivery. We help clients meet compliance reporting needs for good governance. By partnering with us organisations can fulfil their Duty of Care responsibilities, while empowering business resilience, continuity and sustainability. Founded in 1985, the International SOS Group, headquartered in London & Singapore, is trusted by 9,000 organisations, including the majority of the Fortune Global 500 as well as mid-size enterprises, governments, educational institutions, and NGOs. 12,000 multi-cultural medical, security and logistics experts stand with you to provide support & assistance from over 1,200 locations in 90 countries, 24/7, 365 days. To protect your workforce, we are at your fingertips: www.internationalsos.com For news and events updates follow us on Twitter - https://twitter.com/IntlSOS
Loading...
International SOS Similar Companies
The Ohio State University Wexner Medical Center
At The Ohio State University Wexner Medical Center you will find more than a job – you can establish a career that allows you to actually change the face of medicine. As central Ohio's only academic medical center, we emphasize learning, development and innovation in order to offer the very best in
Fresenius Medical Care is the world’s leading provider of products and services for individuals with renal diseases. We aim to create a future worth living for chronically and critically ill patients – worldwide and every day. Thanks to our decades of experience in dialysis, our innovative research
As the largest nonprofit health system in the Mountain West, Intermountain Health is dedicated to creating healthier communities and helping our patients and caregivers thrive. It’s time to think of health in a whole new way, and by partnering with our patients and communities, providing expert
HCA Healthcare is dedicated to giving people a healthier tomorrow. As one of the nation’s leading providers of healthcare services, HCA Healthcare is comprised of 188 hospitals and 2,400+ sites of care in 20 states and the United Kingdom. In addition to hospitals, sites of care include surgery cen
As a premier care provider since 1985, Genesis HealthCare is a holding company with subsidiaries that, on a combined basis, provide services to skilled nursing facilities and senior living communities. Genesis also specializes in contract rehabilitation therapy, respiratory therapy, physician servic
Lehigh Valley Health Network
Lehigh Valley Health Network (LVHN) is proudly part of Jefferson Health, forming a leading integrated academic health care delivery system. With 65,000 colleagues, 32 hospitals and over 700 sites of care across the Lehigh Valley, northeastern Pennsylvania, Delaware Valley and southern New Jersey. L
Medical University of South Carolina
The Medical University of South Carolina (MUSC) is a public institution of higher learning the purpose of which is to preserve and optimize human life in South Carolina and beyond. The university provides an interprofessional environment for learning and discovery through education of health care p
CHRISTUS Health
CHRISTUS Health is a Catholic not-for-profit health care system comprising more than 600 centers, including long-term care facilities, community hospitals, walk-in clinics and health ministries. We are a community of 50,000 Associates, with over 15,000 physicians providing personalized care. Our m
Mediclinic
Mediclinic Southern Africa is a private hospital group operating in South Africa and Namibia focused on providing acute care, specialist-orientated, multi-disciplinary hospital services and related service offerings. We place science at the heart of our care process by striving to provide evidence-b
.png)
International SOS CyberSecurity News
October 08, 2025 07:00 AM
JICA Strengthens Samoa’s Capacity to Enhance Cybersecurity Policies within Government
JICA - Japan International Cooperation Agency is pleased to announce the successful participation of Mr. Tapuala Mearold Solofa Viliamu of...
October 01, 2025 07:00 AM
Interview: Ricus Groenewald, International SOS
Oliver Cuenca speaks to Ricus Groenewald, Director of Operations Worldwide at International SOS, about the future of the international risk...
September 22, 2025 07:00 AM
43 Top Cybersecurity Companies to Know 2025
The damage inflicted by cybercrime is expected to produce $10.5 trillion in global costs in 2024, with the average breach costing...
May 23, 2025 07:00 AM
Shortlisted nominees announced for the 2025 SAFETY4SEA Awards
The distinguished shortlisted nominees for the 2024 SAFETY4SEA Awards are announced, following an online nomination process.
April 16, 2025 07:00 AM
Top travel concerns for UK travellers in 2025
Travel disruptions, cybersecurity threats, and geopolitical instability top the worry list for UK business travellers, according to a new...
December 28, 2024 08:00 AM
The Safest Places To Travel In 2025, According To A New Report
As in previous years, Scandinavian countries top International SOS's list of safest destinations, including Iceland, Norway, Denmark and Finland.
June 04, 2024 07:00 AM
NSA and Universities Partnering to Advance Cybersecurity Research
NSA Research invited leading university research institutions across the country to the National Cryptologic Museum for a day-long event to...
March 16, 2024 07:00 AM
Safe Travels: Here’s What’s New In Medical And Security Memberships
Membership programs like Covac Global, Medjet, Global Rescue and International SOS can supplement travel insurance by adding valuable services.
February 09, 2024 08:00 AM
Protecting the workforce amidst geopolitical threats
In December, International SOS released its annual 2024 Risk Outlook Report, created to identify top concerns that organizations are...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
International SOS CyberSecurity History Information
Official Website of International SOS
The official website of International SOS is http://www.internationalsos.com.
International SOS’s AI-Generated Cybersecurity Score
According to Rankiteo, International SOS’s AI-generated cybersecurity score is 790, reflecting their Fair security posture.
How many security badges does International SOS’ have ?
According to Rankiteo, International SOS currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does International SOS have SOC 2 Type 1 certification ?
According to Rankiteo, International SOS is not certified under SOC 2 Type 1.
Does International SOS have SOC 2 Type 2 certification ?
According to Rankiteo, International SOS does not hold a SOC 2 Type 2 certification.
Does International SOS comply with GDPR ?
According to Rankiteo, International SOS is not listed as GDPR compliant.
Does International SOS have PCI DSS certification ?
According to Rankiteo, International SOS does not currently maintain PCI DSS compliance.
Does International SOS comply with HIPAA ?
According to Rankiteo, International SOS is not compliant with HIPAA regulations.
Does International SOS have ISO 27001 certification ?
According to Rankiteo,International SOS is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of International SOS
International SOS operates primarily in the Hospitals and Health Care industry.
Number of Employees at International SOS
International SOS employs approximately 12,309 people worldwide.
Subsidiaries Owned by International SOS
International SOS presently has no subsidiaries across any sectors.
International SOS’s LinkedIn Followers
International SOS’s official LinkedIn profile has approximately 455,742 followers.
NAICS Classification of International SOS
International SOS is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
International SOS’s Presence on Crunchbase
Yes, International SOS has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/international-sos.
International SOS’s Presence on LinkedIn
Yes, International SOS maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/international-sos.
Cybersecurity Incidents Involving International SOS
As of December 11, 2025, Rankiteo reports that International SOS has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
International SOS has an estimated 30,928 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at International SOS ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does International SOS detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with 24/7 monitoring, remediation measures with identity theft protection..
Incident Details
Can you provide details on each incident ?
Title: International SOS Assistance, Inc. Data Breach
Description: Unauthorized access to data files potentially compromising personal information of a small number of members.
Date Detected: 2013-08-24
Date Publicly Disclosed: 2013-10-25
Type: Data Breach
Attack Vector: Unauthorized Access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach INT425072525
Data Compromised: Names, Passport numbers, Social security numbers
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Passport Numbers, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach INT425072525
Entity Name: International SOS Assistance, Inc.
Entity Type: Company
Industry: Healthcare
Customers Affected: Small number of members
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach INT425072525
Remediation Measures: 24/7 monitoringIdentity theft protection
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach INT425072525
Type of Data Compromised: Names, Passport numbers, Social security numbers
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: 24/7 monitoring, Identity theft protection, .
References
Where can I find more information about each incident ?
Incident : Data Breach INT425072525
Source: California Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney General.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2013-08-24.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2013-10-25.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Passport Numbers, Social Security Numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Passport Numbers, Social Security Numbers and Names.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=international-sos' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
