Comparison Overview

Johns Hopkins Medicine

VS

Indiana University Health

Johns Hopkins Medicine

600 N. Wolfe Street, Baltimore, MD, US, 21231
Last Update: 2026-01-23
View Profile
Between 750 and 799
https://http://www.hopkinsmedicine.org/

Johns Hopkins Medicine is a governing structure for the University’s School of Medicine and the health system, coordinating their research, teaching, patient care, and related enterprises. The Johns Hopkins Hospital opened in 1889, followed four years later by the university’s School of Medicine, revolutionizing medical practice, teaching, and research in the United States. The hospital is now part of the Johns Hopkins Health System, which includes two other acute-care hospitals and additional integrated health-care delivery components, with a network of primary and specialty care practices throughout Maryland, outpatient care, long-term care, and home care. The Johns Hopkins University opened in 1876 as America’s first research university, founded for the express purpose of expanding knowledge and putting that knowledge to work for the good of humanity. Two Interconnected Institutions: Over the years, the University and Hospital have grown, and—sometimes jointly, sometimes separately—they have created affiliated organizations. The Johns Hopkins Institutions is a collective name for the University and the Johns Hopkins Health System. The Johns Hopkins University includes nine academic and research divisions, and numerous centers, institutes, and affiliated entities. Johns Hopkins Medicine is a governing structure for the University’s School of Medicine and the health system, coordinating their research, teaching, patient care, and related enterprises.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 38,244
Subsidiaries: 25
12-month incidents
0
Known data breaches
1
Attack type number
1
View Profile

Indiana University Health

IU Health Methodist Hospital, Indianapolis, 46206, US
Last Update: 2026-01-23
Between 750 and 799
http://iuhealth.org/

Indiana University Health is Indiana’s largest and most comprehensive system. A unique partnership with the Indiana University School of Medicine—one of the nation’s largest medical schools—gives patients access to groundbreaking research and innovative treatments, and it offers team members access to the latest science and the very best training—advancing healthcare for all. At IU Health, your personal and professional growth is a top priority. You will have access to many diverse opportunities to learn and develop in meaningful ways that matter most to you, such as advanced clinical training, leadership development, promotion opportunities and cross-training development.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 19,871
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/johns-hopkins-medicine.jpeg
Johns Hopkins Medicine
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/indiana-university-health.jpeg
Indiana University Health
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Johns Hopkins Medicine
100%
Compliance Rate
0/4 Standards Verified
Indiana University Health
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Johns Hopkins Medicine in 2026.

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Indiana University Health in 2026.

Incident History — Johns Hopkins Medicine (X = Date, Y = Severity)

Johns Hopkins Medicine cyber incidents detection timeline including parent company and subsidiaries

Incident History — Indiana University Health (X = Date, Y = Severity)

Indiana University Health cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/johns-hopkins-medicine.jpeg
Johns Hopkins Medicine
Incidents

Date Detected: 5/2023
Type:Breach
Attack Vector: External Hacking
Blog: Blog
https://images.rankiteo.com/companyimages/indiana-university-health.jpeg
Indiana University Health
Incidents

No Incident

FAQ

Indiana University Health company demonstrates a stronger AI Cybersecurity Score compared to Johns Hopkins Medicine company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Johns Hopkins Medicine company has historically faced a number of disclosed cyber incidents, whereas Indiana University Health company has not reported any.

In the current year, Indiana University Health company and Johns Hopkins Medicine company have not reported any cyber incidents.

Neither Indiana University Health company nor Johns Hopkins Medicine company has reported experiencing a ransomware attack publicly.

Johns Hopkins Medicine company has disclosed at least one data breach, while the other Indiana University Health company has not reported such incidents publicly.

Neither Indiana University Health company nor Johns Hopkins Medicine company has reported experiencing targeted cyberattacks publicly.

Neither Johns Hopkins Medicine company nor Indiana University Health company has reported experiencing or disclosing vulnerabilities publicly.

Neither Johns Hopkins Medicine nor Indiana University Health holds any compliance certifications.

Neither company holds any compliance certifications.

Johns Hopkins Medicine company has more subsidiaries worldwide compared to Indiana University Health company.

Johns Hopkins Medicine company employs more people globally than Indiana University Health company, reflecting its scale as a Hospitals and Health Care.

Neither Johns Hopkins Medicine nor Indiana University Health holds SOC 2 Type 1 certification.

Neither Johns Hopkins Medicine nor Indiana University Health holds SOC 2 Type 2 certification.

Neither Johns Hopkins Medicine nor Indiana University Health holds ISO 27001 certification.

Neither Johns Hopkins Medicine nor Indiana University Health holds PCI DSS certification.

Neither Johns Hopkins Medicine nor Indiana University Health holds HIPAA certification.

Neither Johns Hopkins Medicine nor Indiana University Health holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.

Published
Date
2026-01-23
Updated
Date
2026-01-23
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
References
Description

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.

Published
Date
2026-01-23
Updated
Date
2026-01-23
References
Description

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.

Published
Date
2026-01-23
Updated
Date
2026-01-23
References
Description

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.

Published
Date
2026-01-23
Updated
Date
2026-01-23
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.

Published
Date
2026-01-23
Updated
Date
2026-01-23
References