What is the official website of Block ?

The official website of Block is https://block.xyz/.

What is Block's cybersecurity risk score?

Block has an AI-generated cybersecurity risk score of 746 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Block experienced?

According to Rankiteo, Block currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Block been affected by any supply chain cyber incidents ?

According to Rankiteo, Block has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Block have SOC 2 Type 1 certification ?

According to Rankiteo, Block is not certified under SOC 2 Type 1.

Does Block have SOC 2 Type 2 certification ?

According to Rankiteo, Block does not hold a SOC 2 Type 2 certification.

Does Block comply with GDPR ?

According to Rankiteo, Block is not listed as GDPR compliant.

Does Block have PCI DSS certification ?

According to Rankiteo, Block does not currently maintain PCI DSS compliance.

Does Block comply with HIPAA ?

According to Rankiteo, Block is not compliant with HIPAA regulations.

Does Block have ISO 27001 certification ?

According to Rankiteo,Block is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Block operate in ?

Block operates primarily in the Financial Services industry.

How many employees does Block have ?

Block employs approximately 13,182 people worldwide.

Does Block own any subsidiaries ?

Block presently has no subsidiaries across any sectors.

How many LinkedIn followers does Block have ?

Block's official LinkedIn profile has approximately 165,867 followers.

What is the NAICS classification code for Block ?

Block is classified under the NAICS code 52, which corresponds to Finance and Insurance.

Does Block have a Crunchbase profile ?

No, Block does not have a profile on Crunchbase.

Does Block have a LinkedIn profile ?

Yes, Block maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/joinblock.

How many cybersecurity incidents has Block experienced ?

As of June 12, 2026, Rankiteo reports that Block has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Block have ?

Block has an estimated 32,069 peer or competitor companies worldwide.

What types of cybersecurity incidents has Block faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Block

Boost Score +25 with badge (5 left)

746

/1000

Moderate

771

/1000

Fair

Block Vendor Cyber Rating & Cyber Score

block.xyz

Add Your Compliance Badge

Block is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams — People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more — provide support and guidance at the corporate level. They work across business groups and around the globe, spanning time zones and disciplines to develop inclusive People policies, forecast finances, give legal counsel, safeguard systems, nurture new initiatives, and more. Every challenge creates possibilities, and we need different perspectives to see them all. Bring yours to Block.

Block A.I CyberSecurity Scoring

Scoring History

Block

Block CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Block

Breach

12/2021

JOI190221909102...

Loading…

A.I.

Block Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Block

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for Block in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Block in 2026.

Incident Types Block vs Financial Services Industry Avg (This Year)

No incidents recorded for Block in 2026.

Incident History - Block (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Block Subsidiaries

Parent Company

Block

Financial Services

Website: https://block.xyz/

Company Size: 10,000+ employees

No subsidiary data available for this company.

Loading…

Block Similar Companies

Transamerica

transamerica.com

Longer lifespans are changing the way we exist. Instead of the traditional stages of learn, work, and retire, we now have the potential for a more fulfilling, multi-stage life. With this opportunity comes the need to plan for it. We enable financial professionals, brokers, agents, advisors, and employers to energize clients and employees to seize the possibilities longevity brings. So, no matter where someone is on their journey, we can help them pursue the freedom to live the life they want. Transamerica. Live your best life. Securities distributed by Transamerica Capital, Inc. Social terms: https://www.transamerica.com/social-media-guidelines

Banco Davivienda

cb davivienda.com

En Davivienda creemos en un mundo financiero sin barreras que facilite la vida a las personas, las empresas, las ciudades y municipios. Por esta razón hoy somos más de 19.000 personas innovando y creando cada día soluciones y ofertas exclusivas para 10 millones de clientes que permitan una mayor inclusión financiera y un mayor desarrollo sostenible.

Bank of America Merrill Lynch

bofaml.com

From local communities to global markets, we are dedicated to shaping the future responsibly and helping clients thrive in a changing world. “Bank of America Merrill Lynch” is the marketing name for the global banking and global markets businesses of Bank of America Corporation. Bank of America is a marketing name for the Retirement Services business of Bank of America Corporation. Lending, derivatives, and other commercial banking activities are performed globally by banking affiliates of Bank of America Corporation, including Bank of America, N.A., Member FDIC. Securities, strategic advisory, and other investment banking activities are performed globally by investment banking affiliates of Bank of America Corporation (“Investment Banking Affiliates”), including, in the United States, BofA Securities, Inc., Merrill Lynch, Pierce, Fenner & Smith Incorporated, and Merrill Lynch Professional Clearing Corp., all of which are registered broker-dealers and Members of SIPC, and in other jurisdictions, by locally registered entities. BofA Securities, Inc., Merrill Lynch, Pierce, Fenner & Smith Incorporated and Merrill Lynch Professional Clearing Corp. are registered as futures commission merchants with the CFTC and are members of the NFA. Investment products: Are Not FDIC Insured May Lose Value Are Not Bank Guaranteed Any opinions, views, statements, estimates or projections (“posts”) posted on this web page are solely those of the individual author(s). As such, posts by an employee of BofAML or any of its affiliates are solely those of such employee or agent and do not necessarily reflect the views of BofAML. BofAML is not responsible for the content, or output of external websites. For Terms and Conditions and Disclaimers, please visit go.bofaml.com/social. Bank of America LinkedIn Community Guidelines can be found at: http://about.bankofamerica.com/en-us/social-media/linkedin-community-guidelines.html

Lars Larsen Group

larslarsengroup.com

Lars Larsen Group is owned by the Brunsborg family, descendants of JYSK founder Lars Larsen. The Group owns companies within a number of business areas including furniture, interior design, restaurants and hotels, and is also an active investor in equities, funds, and real estate. The Group is to this day operated in accordance with the family’s fundamental values of tradesmanship, responsibility and growth.

State Street

cb statestreet.com

At State Street, we deliver leading investment platforms, data, expertise, and solutions that accelerate performance and better decision making. With over 200 years of global financial leadership, we equip institutional investors through a comprehensive suite of capabilities: Investment Services: Integrated front-to-back solutions across custody, accounting, and operations. Investment Management: Index and active strategies from one of the world’s largest asset managers. Markets: Multi-asset trading, FX solutions, and data-driven research to enhance portfolio value. Who We Are • 50,000+ employees worldwide • Active in 100+ markets • #1 in ETF servicing What You’ll Find Here • Executive perspectives and thought leadership • Timely market commentary and macro insights • Our views on investment operations, ETFs, private markets, and digital finance • Stories reflecting our culture, values and commitment to diversity and inclusion

M&T Bank

mtb.com

Great companies have an enduring sense of purpose. At M&T, our purpose is a simple one: make a difference in people’s lives and uplift the communities we serve. Founded in 1856 in Buffalo, NY we are now a top 11 full-service US-based commercial bank with a retail footprint across the east coast and wealth services available nationwide and abroad. As a bank, we offer advice, guidance, expertise, and solutions across the entire financial spectrum that combines M&T’s traditional banking services with the wealth management and institutional capabilities offered by Wilmington Trust. We are a community-minded organization with more than 167 years of experience. We serve customers, community, and colleagues whether they be across the street, across the state or across the country. As an employer of choice, we are proud to offer competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year. Our core values drive the work we do – integrity, ownership, collaboration, curiosity, candor and we seek to further build upon our record of success by bringing in top talent and fresh skill sets while continuing to support the growth and development of all our team members. M&T Bank is unwavering when it comes to providing equal employment opportunities to all employees and applicants without regard to race, color, national origin, religion, ethnicity, sex, gender identity, age, disability, citizenship, pregnancy, veteran status, military status, marital status, sexual orientation, genetic information or any other characteristic protected under applicable federal, state or local laws.

Absa Group

absa.africa

Absa Group Limited (Absa) has forged a new way of getting things done, driven by bravery and passion, with the readiness to realise growth on the African continent and beyond. We’re a truly African brand, inspired by the people we serve in Botswana, Ghana, Kenya, Mauritius, Mozambique, Seychelles, South Africa, Tanzania, Uganda, and Zambia. We also have representative offices in China, Namibia, Nigeria and the United States, as well as securities entities in the United Kingdom and the United States, along with technology support colleagues in the Czech Republic.

DNB

dnb.no

We are here. So you can stay ahead. For nearly two hundred years we have acquired and shared knowledge, developed global networks and adapted to modern everyday life. To us, it is important to combine profitability with responsibility. DNB is Norway's largest financial services group and one of the largest in the Nordic region in terms of market capitalisation. The Group offers a full range of financial services, including loans, savings, advisory services, insurance and pension products for retail and corporate customers. DNB’s bank branches in Norway, in-store postal and banking outlets, Post office counters, Internet banking, mobile services and international offices ensure that we are present where our customers are. We are a major operator in a number of industries, for which we also have a Nordic or international strategy. DNB is one of the world’s leading shipping banks and has a strong position in the energy sector, and the fisheries and seafood industry. As an international financial institution we offer a wide range of services from our offices around the globe. At DNB you can find career opportunities in many fields, and with offices in 22 countries we are dependent on employees with different backgrounds and skills - all equally important for DNB's performance.

Manappuram Finance Limited

cb manappuram.com

Manappuram Finance Ltd. is one of India’s largest and most trusted gold loan companies, with 4,199 branches across the length and breadth of the country. It currently has nearly Rs. 157.65 billion worth assets under management (AUM), and 20,185 employees. Promoted by Shri. V.P. Nandakumar, the current MD & CEO, the company was founded in the modest coastal village of Valapad (Thrissur District) by his late father Mr. V.C. Padmanabhan in 1949. The first non-banking financial company (NBFC) in Kerala to receive a Certificate of Registration issued by the RBI, it was also among the earliest to go for an IPO in 1995. In 2007 Sequoia Capital invested Rs.700 million along with Hudson Equity Holdings, heralding a period of accelerated growth, and in 2010 it became the first NBFC in Kerala to obtain the highest short term credit rating of A1+ from ICRA. In 2010, it became the first Kerala-based NBFC to offer ESOPs (Employee Stock Option Plan) to its middle and senior management functionaries. As a pioneer and trailblazer, Manappuram Finance Ltd. has always been an innovator par excellence in the gold loan product and the adoption of technology. Besides focus on the business, the cause of the wider community is central to the vision of the company. The Manappuram Foundation was established in October 2009 to drive the company’s initiatives in Corporate Social Responsibility (CSR). In recent years, the company has diversified into new business areas like micro-finance, vehicle and housing finance, and SME lending through the subsidiaries Manappuram Home Finance Ltd, Manappuram Insurance Brokers Ltd, and Asirvad Microfinance Limited. Our mission is to make life easy for common people of India with instant and easy loans, with a vision of unlocking the value of their savings in gold jewellery.

Loading…

NEWS

Block CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 28, 2026 02:47 AM

Windows 11 and Server 2025 Update to Block Untrusted Cross-Signed Kernel Drivers by Default

Microsoft will block untrusted cross-signed drivers by default, allowing only certified drivers and reducing kernel attack risks.

Read Article

March 16, 2026 11:54 AM

Android 17 Advanced Protection Mode to Block Malicious Service Usage

Android 17 from Google will introduce new APIs and system features aimed at improving device security, privacy, and debugging performance.

Read Article

March 16, 2026 07:00 AM

Microsoft to Block Windows 11 and Server 2025 Automated Installation After Critical RCE Vulnerability

Microsoft has announced a two-phase plan to disable the hands-free deployment feature in Windows Deployment Services (WDS) following the...

Read Article

February 25, 2026 08:00 AM

Republicans Block Bill to Fund Disaster Relief, Transportation Security, Cybersecurity, Secret Service, Coast Guard and More

The bill I introduced would fully fund every agency under DHS, except for ICE, CBP, and the Office of the Secretary. ... It is shameful that...

Read Article

February 17, 2026 08:00 AM

European Parliament blocks AI on lawmakers’ devices, citing security risks

The European Parliament has reportedly blocked lawmakers from using the baked-in AI tools on their work devices, citing cybersecurity and...

Read Article

February 16, 2026 08:00 AM

EU Parliament blocks AI tools over cyber, privacy fears

AI features on EU devices sent data to cloud, prompting the Parliament's IT support to switch them off.

Read Article

February 03, 2026 08:00 AM

UAE cyber systems block 90,000 attacks on World Governments Summit

UAE cyber systems block 90,000 attacks on World Governments Summit.

Read Article

January 23, 2026 08:00 AM

CertiK eyes IPO at $2 billion valuation as it targets 'first public web3 cybersecurity' listing

CertiK co-founder Ronghui Gu said the cybersecurity firm is exploring paths to go public in an interview this week in Davos, Switzerland.

Read Article

January 23, 2026 08:00 AM

You Can't Block Space Internet

The latest edition of the Seriously Risky Business cybersecurity newsletter, now on Lawfare.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-47238

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Impact Score

2.5

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863

CVE-2026-45418

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-q233-m544-6jqr

CVE-2026-45060

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #129.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wpq3-gxx7-c76h

CVE-2026-42846

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly into shell commands without escaping then executed, so any shell metacharacter in the URL is interpreted. This results in arbitrary command execution. This issue has been patched in version 5.5.3 - #140.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-hvfx-hxmr-28c7

CVE-2026-6250

SUMMARY

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return addresses. A remote authenticated attacker may redirect execution flow to existing internal functions, triggering an unauthorized factory reset, leading to loss of configuration, deletion of stored credentials and service disruption.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: )

cvss4

Base Score: 7.0

Complexity: LOW

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…