What is the official website of Kohl's ?

The official website of Kohl's is http://careers.kohls.com.

What is Kohl's's cybersecurity risk score?

Kohl's has an AI-generated cybersecurity risk score of 774 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Kohl's experienced?

According to Rankiteo, Kohl's currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Kohl's been affected by any supply chain cyber incidents ?

According to Rankiteo, Kohl's has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Kohl's have SOC 2 Type 1 certification ?

According to Rankiteo, Kohl's is not certified under SOC 2 Type 1.

Does Kohl's have SOC 2 Type 2 certification ?

According to Rankiteo, Kohl's does not hold a SOC 2 Type 2 certification.

Does Kohl's comply with GDPR ?

According to Rankiteo, Kohl's is not listed as GDPR compliant.

Does Kohl's have PCI DSS certification ?

According to Rankiteo, Kohl's does not currently maintain PCI DSS compliance.

Does Kohl's comply with HIPAA ?

According to Rankiteo, Kohl's is not compliant with HIPAA regulations.

Does Kohl's have ISO 27001 certification ?

According to Rankiteo,Kohl's is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Kohl's operate in ?

Kohl's operates primarily in the Retail industry.

How many employees does Kohl's have ?

Kohl's employs approximately 54,385 people worldwide.

Does Kohl's own any subsidiaries ?

Kohl's presently has no subsidiaries across any sectors.

How many LinkedIn followers does Kohl's have ?

Kohl's's official LinkedIn profile has approximately 293,768 followers.

What is the NAICS classification code for Kohl's ?

Kohl's is classified under the NAICS code 43, which corresponds to Retail Trade.

Does Kohl's have a Crunchbase profile ?

Yes, Kohl's has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/kohl-s.

Does Kohl's have a LinkedIn profile ?

Yes, Kohl's maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/kohls-department-stores.

How many cybersecurity incidents has Kohl's experienced ?

As of June 6, 2026, Rankiteo reports that Kohl's has not experienced any cybersecurity incidents.

How many peer or competitor companies does Kohl's have ?

Kohl's has an estimated 15,825 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Kohl's

Boost Score +25 with badge (5 left)

774

/1000

Fair

799

/1000

Fair

Kohl's Vendor Cyber Rating & Cyber Score

kohls.com

cb in

Add Your Compliance Badge

Kohl’s is a leading omnichannel retailer with more than 1,100 stores in 49 states. Kohl's business is built on a solid foundation of more than 60 million customers, an unmatched brand portfolio, industry-leading loyalty and Kohl's Card programs, a convenient and accessible nationwide store footprint, and large digital business on Kohls.com and the Kohl's mobile app.

Kohl's A.I CyberSecurity Scoring

Scoring History

Kohl's

Kohl's CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Kohl's Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Kohl's

Incidents vs Retail Industry Avg (This Year)

No incidents recorded for Kohl's in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Kohl's in 2026.

Incident Types Kohl's vs Retail Industry Avg (This Year)

No incidents recorded for Kohl's in 2026.

Incident History - Kohl's (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Kohl's Subsidiaries

Kohl's

Retail

Website: http://careers.kohls.com

Company Size: 10,001+ employees

Kohl's CampusRetail

Loading…

Kohl's Similar Companies

Advance Auto Parts

advanceautoparts.com

Advance Auto Parts, Inc. is a leading automotive aftermarket parts provider that serves both professional installers and do-it-yourself customers. As of October 5, 2024, Advance operated 4,781 stores primarily within the United States, with additional locations in Canada, Puerto Rico and the U.S. Virgin Islands. The company also served 1,125 independently owned Carquest branded stores across these locations in addition to Mexico and various Caribbean islands. Additional information about Advance, including employment opportunities, customer services and online shopping for parts, accessories and other offerings can be found at www.AdvanceAutoParts.com.

Indomaret Group

indomaretgroup.com

Originated from the idea to facilitate the provision of employees’ basic daily needs, a store, known as Indomaret, was established in 1988. As the store developed, the Company were interested to further explore and understand the consumers’ various needs and shopping behaviors. Hence, several employees were assigned to observe and examine the community’s buying behavior. It was concluded that people would rather shop in modern stores due to more choices of quality products, fixed competitive prices, as well as comfortable atmosphere. With knowledge about consumers’ needs, store management skill, community’s shifting shopping behavior towards modern outlets, came forth the desire to further serve Indonesia nationwide. This was realized when Indomaret were registered as a legal entity, PT. Indomarco Prismatama, with a vision of “becoming an excellent retail network” and emphasizing on the “easy and economical” motto. Indomaret aims to grow rapidly by expanding its business and services to satisfy its customers. The business sectors has owned up to this point are Retail (Indomaret), Grocery (Indogrosir), Shopping Plaza (BSD Plaza), Food & Beverage (Yummy Choice), Bakery (Mr. Bread & Saybread & Mr. Donut), Japanese Restaurant (Osaka Food & Washoku Sato), and IT Consultant (AGCI). In the 20th century, Indomaret Group continuously evolve throughout all the capital city of the province and globally supported by up to 100.000 high competence human resources.

Conad

cb conad.it

PERSONE OLTRE LE COSE. Conad è una storia fatta di imprenditori, commercianti, clienti e comunità. Un lungo viaggio che inizia nella metà degli anni ’60: nel 1962 nasce a Bologna il Consorzio Nazionale Dettaglianti, una società cooperativa a responsabilità limitata costituita da 14 gruppi d’acquisto e 420 soci dettaglianti. Conad rappresenta un’azienda che ha sempre promosso l’associazionismo, modello che ancora oggi è il tratto distintivo nel panorama della grande distribuzione. Il nostro successo è anche quello raggiunto grazie imprenditori che hanno scelto liberamente di mettersi assieme nella consapevolezza del ruolo centrale della persona, delle sue ambizioni e dell’importanza di valorizzarne le potenzialità. La nostra offerta nasce dal nostro costante ascolto della comunità con la quale, attraverso la nostra prossimità al territorio, dialoghiamo ogni giorno per conoscerne le esigenze e i bisogni. 6 cooperative, 2.300 soci e i 3.174 punti vendita: questa è Conad oggi. Un’azienda che da sempre mette in primo piano le persone, oltre le cose.

Boxer Superstores

boxerinvestor.co.za

Boxer Superstores is one of Southern Africa’s fastest-growing discount supermarket chains, driven by a strong commitment to affordability, accessibility, and community. With operations across every province in South Africa and into the Kingdom of eSwatini, Boxer stands proudly as a full-service discount retail leader with a bold vision: to be Africa’s favourite discount supermarket. Headquartered in KwaZulu-Natal, Boxer has grown into a dynamic, diversified retail business offering far more than groceries. Our integrated operations include: Boxer Superstores (core retail) Boxer Liquors Boxer Build A dedicated Meat Factory Advanced Supply Chain and Distribution Centres Today, more than 33,000 team members power our mission and uphold our enduring brand promise: “Never pay more than the Boxer price.” This guiding principle shapes every part of our business—from pricing and product selection to customer experience and community partnerships. At Boxer, we’re passionate about building value for our customers, our people, and our partners. Through inclusive employment, continuous skills development, and ongoing innovation across all divisions, we’re creating a sustainable, forward-looking business that delivers meaningful social and economic impact across Southern Africa.

SPAR International

spar-international.com

The worldwide SPAR organisation operates over 13,800 SPAR stores in 48 countries on four continents, meeting the needs of over 14,7 million consumers every day. The SPAR concept was established on the basis of wholesalers and retailers working in partnership to the benefit of all, including customers. The cornerstone of this partnership is a commitment to the open exchange of knowledge and information. This commitment is a hallmark of the organisation and is intimately connected to the sense of SPAR as a family. Today, SPAR is the world's largest food retail voluntary chain with a rapidly growing presence globally. SPAR located in central Amsterdam is the custodian of the SPAR brand worldwide and unites the scale and resources of the global group, providing strategies and a wide scope of service to grow our brand, our retail operations and our presence worldwide.

华润创业有限公司

cre.com.hk

Founded in 1992, China Resources Enterprise, Limited is the Hong Kong flagship subsidiary of China Resources (Holdings) Company Limited in the comprehensive consumer goods and retail services businesses. The Company focuses on three businesses: beer, food and beverage. For the beer division, China Resources Beer (Holdings) Company Limited is listed on the Hong Kong Stock Exchange under the stock code 291.HK. It is the parent company of China Resources Snow Breweries Limited, the largest beer manufacturer, seller and distributor in China. Since 2008, "雪花 Snow" has become the world 's best-selling single beer brand by volume. Regarding the Group’s food business, China Resources Ng Fung Limited is an outstanding integrated food products enterprise, which combines research and development, production, processing, wholesale, retail, logistics and international trading. The division is primarily engaged in the businesses of rice, meat, frozen food, imported food and modern agriculture, as well as the operation of China Resources Hope Town development projects across Mainland China and Hong Kong. It is also affectionately known as “Hong Kong’s Food Basket”. The beverage division – China Resources C'estbon Kirin Beverage (Holdings) Company Limited –is one of the leading beverage companies in China. Its main business is the manufacturing and sales of purified drinking water product under the brand “怡寶C'estbon”. “怡寶C'estbon” purified water has been recognized as a renowned brand product in China, and also a famous and most competitive brand in China. It strives to build itself into a leading Chinese beverage company with diversified products. Looking ahead, CRE will continue to build on the strategy of “market leadership with outstanding brands, operational excellence and synergies among its businesses”, and endeavor to become a world renowned retail and consumer goods company.

OXXO

oxxo.com

Somos la cadena de tiendas de conveniencia más grande de México y América Latina, con 45 años de experiencia y más de 22 mil establecimientos ubicados a lo largo de la República Mexicana, Colombia, Perú, Chile y Brasil. En OXXO como compañía 100% mexicana y como parte de la División Proximidad de FEMSA, tenemos el objetivo de generar valor económico y social en las comunidades en las que operamos. Abrimos nuestras puertas para satisfacer las necesidades cotidianas de nuestros clientes a través de productos y servicios de calidad. Cada apertura nos permite continuar impulsando la generación de empleos, desarrollo de proveedores y contribuir a la calidad de vida de nuestros vecinos con acciones para mejorar su entorno. #OXXOALaVueltaDeTuVida

Kmart Australia Limited

kmart.com.au

We’re Team Kmart, on a mission to make everyday living brighter for our customers by improving the Kmart shopping experience – every time and everywhere they engage with us. For over fifty years now, we’ve been spreading the Kmart love to families of all shapes and sizes in Australia, then New Zealand, and now right across the world! We’re the place where families come first for the lowest prices on everyday items – it’s our vision and it’s what we do with passion. Today, Kmart has more than 300 stores across Australia and New Zealand and is recognised as one of the most profitable discount department stores in Australia. With over 40,000 Kmart superstars who are all focused on giving our customers the products that they love at the lowest prices, it truly is an exciting time to be a part of our Kmart family – and there’s never been a better time to join us then now! To find out more information, scroll through our LinkedIn page, or, we’d be happy to welcome you online at www.kmart.com.au Did you know we’re a part of something bigger? Owned by Wesfarmers Limited, the Kmart Group family comprises of Kmart Australia and New Zealand, Target Australia, Catch Australia and KAS Group Asia. The Group operates 520 stores across Australia and New Zealand, has offices in Australia and around the world, and employs more than 46,000 team members all focused on delivering products that our customers love. Together, the Kmart Group is creating an even more satisfying shopping experience for all of our customers, no matter where they are in the world.

Coop

coopjobs.ch

Coop has been an integral part of Switzerland for over 150 years and acts with a sense of responsibility for its people, its regions and its ecosystems. As a retailer, wholesaler and producer, we deliver quality and are proud of our numerous brands and products. The diversity of our teams and tasks enriches us and promotes our personal development. We also approach one another in an open, interested manner, without prejudice, and we pursue ambitious goals together.

Loading…

NEWS

Kohl's CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 20, 2026 02:32 AM

Kohl’s Corporation 10-K Annual Report: Business Overview, Competition, Risk Factors, and Cybersecurity Strategy

Posted on March 20, 2026 at 10:32 am (GMT+8). 174. Views. Share on Facebook · Share on Twitter. Kohl's Corporation 2025 Annual Report: Key Highlights and...

Read Article

March 19, 2026 08:10 PM

Kohl’s (NYSE: KSS) boosts 2025 profit and cash flow as sales decline

Kohl's 2025 net sales fell 4% to $14.8B, but margins, operating income and $1.4B in operating cash flow improved.

Read Article

February 12, 2026 08:00 AM

ServiceNow buys Israeli BI co Pyramid Analytics

The acquisition price is estimated to be a few hundred million dollars, giving investors a low return.

Read Article

December 12, 2025 08:00 AM

Google.org supports Cybersafe Foundation in 3-year cybersecurity resilience project tagged Resilio Africa

CyberSafe Foundation, with funding support from Google.org will launch Resilio Africa, a 3-year cybersecurity resilience project that aims...

Read Article

December 01, 2025 08:00 AM

MicroAge Appoints Larry Gentry as CEO

PHOENIX, December 1, 2025 (Newswire.com) - MicroAge®, announced today that Larry Gentry has been appointed Chief Executive Officer,...

Read Article

November 21, 2025 08:00 AM

Cramer's week ahead: Earnings from Burlington, Best Buy, Kohl's and Dell

CNBC's Jim Cramer on Friday walked investors through next week on Wall Street. He highlighted earnings reports from a number of major...

Read Article

September 15, 2025 07:00 AM

70 CIOs On the Move

This month, we're celebrating 70 visionary CIOs, CTOs, and CISOs stepping into influential leadership positions across a variety of sectors.

Read Article

June 12, 2025 07:00 AM

Ingram Micro Named 2025 Global Distribution Partner of the Year by Arctic Wolf

Fifth straight year of recognition underscores Ingram Micro's broad and deep expertise in Cybersecurity and proven success helping mutual...

Read Article

February 25, 2025 08:00 AM

Year in Review: 2024 Web Tracking Litigation and Enforcement

In 2024, plaintiffs across the United States filed various class action cases related to web tracking technology employed by companies to enhance user...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…