Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Invacare U.S.

Invacare U.S. Vendor Cyber Rating & Cyber Score

invacareamerica.com
in
Add Your Compliance Badge
ISO 27001
SOC 2 Type 1
SOC 2 Type 2
PCI DSS
HIPAA
GDPR

Since 1885, Invacare has helped people with disabilities live life. Today, Invacare America is the global leader in home and long-term-care medical products. Invacare America headquartered in Elyria, Ohio and owned by C+A Global, is a global leader in the manufacture and distribution of innovative home and long-term care medical products that promote recovery and active lifestyles. Invacare America is home to approximately 2,200 employees. The company sells its products through home medical equipment providers, retail and e-commerce channels, residential care operators, distributors, and government health services. Invacare America, through its products and services, makes life's experiences possible for millions of consumers every


Invacare U.S. A.I CyberSecurity Scoring

Incident Details
Invacare U.S.
Company Information
Website:https://invacareamerica.com
Employees number:1,328
Number of followers:34,517
NAICS:
Industry Type:Medical Device
Homepage:invacareamerica.com
Cyber Premium EstimationGet Supply Chain
Invacare U.S. Risk Score (AI oriented)
Between 550 and 599
logo
Invacare U.S.Medical Device
Updated:
02/04/2026
569/1000
Very Poor
Ca
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Invacare U.S. Global Score (TPRM)
xxxx
logo
Invacare U.S.Medical Device
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Invacare U.S.
Invacare U.S.Very Poor
Current Score
569Ca (VERY POOR)
01000
2 incidents
-135 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JUNE 2026
584Before Incident
MAY 2026
574Before Incident
APRIL 2026
571Before Incident
MARCH 2026
566Before Incident
FEBRUARY 2026
564Before Incident
JANUARY 2026
559Before Incident
DECEMBER 2025
548Before Incident
NOVEMBER 2025
677Before Incident
Ransomware
01 Nov 2025Invacare U.S.
Invacare International Holdings Corp.

Invacare International Holdings Corp. Ransomware Attack (November 2025)

542After Incident
CRITICAL-135
INV1592415111025
In November 2025, Invacare International Holdings Corp., a leading manufacturer of medical equipment (e.g., wheelchairs, respiratory devices, and mobility aids), suffered a ransomware attack by the RHYSIDA group. The attackers claimed to have stolen sensitive personal data—including names, addresses, dates of birth, Social Security numbers, health insurance details, medical records, and financial information—from thousands of current/former patients and employees. The stolen data was threatened for public release on the dark web if ransom demands were unmet. The breach exposed highly confidential information, posing risks of identity theft, financial fraud, and medical privacy violations. The incident triggered legal investigations, with affected individuals urged to monitor credit reports, enroll in identity protection services, and seek compensation for damages like emotional distress, lost time, and out-of-pocket expenses.
INCIDENT DETAILS -
TYPE
Ransomware Attack / Data Breach
MOTIVATION
Financial (ransom demand)
IMPACT
NameAddressDate of birthSocial Security numberHealth insurance informationMedical informationFinancial informationBrand Reputation Impact: High (potential loss of trust among patients and healthcare partners)Legal Liabilities: Potential lawsuits and compensation claims from affected individualsIdentity Theft Risk: High (due to exposure of PII and financial data)Payment Information Risk: Moderate (financial information exposed)
DATA BREACH
Personally Identifiable Information (PII)Protected Health Information (PHI)Financial InformationNumber Of Records Exposed: Several thousand (exact number undisclosed)Sensitivity Of Data: High (includes SSN, medical, and financial data)Data Exfiltration: Yes (claimed by RHYSIDA group)Data Encryption: Likely (ransomware attack implies encryption of systems)NameAddressDate of birthSocial Security numberHealth insurance informationMedical records
REFERENCES
Blog URLSource URL
OCTOBER 2025
677Before Incident
SEPTEMBER 2025
676Before Incident
AUGUST 2025
674Before Incident
JULY 2025
672Before Incident
MAY 2025
761Before Incident
Ransomware
01 May 2025Invacare U.S.
Invacare International Holdings Corp.

RHYSIDA Ransomware Attack on Invacare International Holdings Corp.

667After Incident
CRITICAL-94
INV2192521111025
On November 4, 2025, Invacare International Holdings Corp., a medical device manufacturer, fell victim to a RHYSIDA ransomware attack. The attackers breached the company’s systems, encrypted critical files, and exfiltrated sensitive data, including personally identifiable information (PII) and protected health information (PHI)—such as names, addresses, Social Security numbers, financial details, and health records of patients, clients, and employees. The ransomware group threatened to publicly release the stolen data within six to seven days if their demands were not met.The breach poses severe risks, including identity theft, financial fraud, and reputational damage, given the sensitive nature of the exposed data. Invacare has not yet disclosed the full scope of affected individuals or organizations but is collaborating with cybersecurity experts and law enforcement to investigate and mitigate the incident. Affected parties are advised to monitor financial accounts, watch for phishing attempts, and consider credit freezes. The company may offer credit monitoring or identity theft protection as part of its response.
INCIDENT DETAILS -
TYPE
ransomware attack
MOTIVATION
financial extortion
IMPACT
personally identifiable information (PII)protected health information (PHI)namesaddressesemail addressesSocial Security numbersfinancial informationhealth informationBrand Reputation Impact: high (risk of identity theft and fraud due to public data release threat)Identity Theft Risk: highPayment Information Risk: high
DATA BREACH
personally identifiable information (PII)protected health information (PHI)namesaddressesemail addressesSocial Security numbersfinancial informationhealth informationSensitivity Of Data: high (includes PII and PHI)
REFERENCES
Blog URLSource URL

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Invacare U.S. ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in May 2026 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in April 2026 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in March 2026 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in February 2026 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in January 2026 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in December 2025 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in November 2025 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in October 2025 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in September 2025 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in August 2025 ?
?
What was Invacare U.S.'s A.I Rankiteo Cyber Score in July 2025 ?
?
What is the average per-incident point impact on Invacare U.S.'s A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Invacare U.S. ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Invacare U.S.'s profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?