Київстар
Company Details
Linkedin ID:
kyivstar
Website:
Employees number:
3,227
Number of followers:
38,541
NAICS:
517
Industry Type:
Homepage:
kyivstar.ua
IP Addresses:
197
Company ID:
КИЇ_2703728
Scan Status:
Completed
Київстар Company CyberSecurity Posture
kyivstar.ua
Київстар – найбільший український оператор електронних комунікацій, що станом на березень 2023 року обслуговував 24,3 млн абонентів мобільного зв’язку та понад 1,1 млн абонентів «Домашнього інтернету». Компанія надає послуги з використанням широкого спектра мобільних і фіксованих технологій, у тому числі 4G, Big Data, Cloud solutions, сервіси для кіберзахисту, цифрове ТБ та ін. Київстар допомагає абонентам, суспільству та країні долати складнощі воєнного часу. На липень 2023 року компанія надала гуманітарної допомоги країні, абонентам, ЗСУ на суму майже 1,1 млрд грн, а також інвестувала 6,7 млрд грн у відбудову та розвиток телеком мережі. Акціонер Київстар – міжнародна Група VEON. Акції Групи знаходяться на фондових біржах NASDAQ (Нью-Йорк) та Euronext (Амстердам). Київстар 25 років працює в Україні та визнаний найбільшим платником податків на телеком-ринку, кращим роботодавцем і соціально відповідальною компанією.
Київстар A.I CyberSecurity Scoring
Київстар Risk Score (AI oriented)Between 750 and 799
Київстар
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Київстар Global Score (TPRM)XXXX
Київстар
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Київстар Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Київстар
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The primary telecom operator in Ukraine, Kyivstar, reports that it has been the victim of a "powerful hacker attack." Customers were left without internet or mobile service as a result of the attack, which also caused the air raid sirens in the northeastern city of Sumy to malfunction. Over 25 million people use Kyivstar's mobile service, while one million people use its home internet. The company used its social media channels to notify its clients about the outage due to the disruption to its website.
Київстар Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Київстар
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Київстар in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Київстар in 2026.
Incident Types Київстар vs Telecommunications Industry Avg (This Year)
No incidents recorded for Київстар in 2026.
Incident History — Київстар (X = Date, Y = Severity)
Київстар cyber incidents detection timeline including parent company and subsidiaries
Київстар Company Subsidiaries
Київстар – найбільший український оператор електронних комунікацій, що станом на березень 2023 року обслуговував 24,3 млн абонентів мобільного зв’язку та понад 1,1 млн абонентів «Домашнього інтернету». Компанія надає послуги з використанням широкого спектра мобільних і фіксованих технологій, у тому числі 4G, Big Data, Cloud solutions, сервіси для кіберзахисту, цифрове ТБ та ін. Київстар допомагає абонентам, суспільству та країні долати складнощі воєнного часу. На липень 2023 року компанія надала гуманітарної допомоги країні, абонентам, ЗСУ на суму майже 1,1 млрд грн, а також інвестувала 6,7 млрд грн у відбудову та розвиток телеком мережі. Акціонер Київстар – міжнародна Група VEON. Акції Групи знаходяться на фондових біржах NASDAQ (Нью-Йорк) та Euronext (Амстердам). Київстар 25 років працює в Україні та визнаний найбільшим платником податків на телеком-ринку, кращим роботодавцем і соціально відповідальною компанією.
Loading...
Київстар Similar Companies
Huawei is a leading global provider of information and communications technology (ICT) infrastructure and smart devices. With integrated solutions across four key domains – telecom networks, IT, smart devices, and cloud services – we are committed to bringing digital to every person, home and organi
Telemont
Fundada em 1975, a Telemont Engenharia de Telecomunicações S/A é líder na prestação de serviços de implantação, manutenção e operação de redes de telecomunicações. São 7,7 milhões de acessos de voz, 3 milhões de ADSL e dados e 63 mil km de fibra óptica operados pela empresa. Através da Telemont I
T-Mobile
As the supercharged Un-carrier, T-Mobile US, Inc. (NASDAQ: TMUS) is powered by an award-winning 5G network that connects more people, in more places, than ever before. With T-Mobile’s unique value proposition of best network, best value, and best experiences, the Un-carrier is redefining connectivit
Reliance Communications
Reliance Communications Limited, founded by the late Shri Dhirubhai H Ambani (1932-2002), has Corporate clientele that includes 40,000 Indian and multinational corporations, including small and medium enterprises. Reliance Communications has established a pan-India, Next-Generation, digital network
yes
תכירו את השחקנים הראשיים שלנו: העובדות והעובדים. אנחנו לא עובדים עם תסריט קבוע, חושבים מחוץ לקופסא, ומייצרים ז'אנר משלנו. כש-יס קמה, בשנת 1998, הבאנו את בשורת הלווין אל עולם שידורי הטלוויזיה והיינו הראשונים להציע שידורים דיגיטליים ושירותי טלוויזיה אינטראקטיביים - כשבחירת התכנים היא בידיים של הלקוח
Telkomsel
Connecting Nation. Accelerating Indonesia's Future. As Indonesia's leading digital telecommunications company, Telkomsel is committed to building a connected, competitive, and future-ready society. For over 29 years, we've empowered individuals, homes, and businesses with innovative connectivity an
Vodafone
At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live, we protect the planet a
Telekom Malaysia
TM is the national connectivity and digital infrastructure provider and Malaysia’s leading integrated telco; offering a comprehensive suite of communication services and solutions in fixed (telephony and broadband), mobility, content, WiFi, ICT, Cloud and smart services. TM is driven by stakeholder
Lumen Technologies
Lumen connects the world. We digitally connect people, data and applications – quickly, securely and effortlessly. Everything we do at Lumen takes advantage of our network strength. From metro connectivity to long-haul data transport to our edge cloud, security, and managed service capabilities, we
.png)
Київстар CyberSecurity News
January 05, 2024 08:00 AM
Exclusive: Russian hackers were inside Ukraine telecoms giant for months
Russian hackers were inside Ukrainian telecoms giant Kyivstar's system from at least May last year in a cyberattack that should serve as a...
December 13, 2023 08:00 AM
Russian hackers claim responsibility for attack on major Ukrainian mobile operator – Rubryka
Russian hackers from the so-called "Sonltsepyok" group have claimed full responsibility for a cyberattack on the .
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Київстар CyberSecurity History Information
Official Website of Київстар
The official website of Київстар is http://kyivstar.ua.
Київстар’s AI-Generated Cybersecurity Score
According to Rankiteo, Київстар’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.
How many security badges does Київстар’ have ?
According to Rankiteo, Київстар currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Київстар been affected by any supply chain cyber incidents ?
According to Rankiteo, Київстар has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Київстар have SOC 2 Type 1 certification ?
According to Rankiteo, Київстар is not certified under SOC 2 Type 1.
Does Київстар have SOC 2 Type 2 certification ?
According to Rankiteo, Київстар does not hold a SOC 2 Type 2 certification.
Does Київстар comply with GDPR ?
According to Rankiteo, Київстар is not listed as GDPR compliant.
Does Київстар have PCI DSS certification ?
According to Rankiteo, Київстар does not currently maintain PCI DSS compliance.
Does Київстар comply with HIPAA ?
According to Rankiteo, Київстар is not compliant with HIPAA regulations.
Does Київстар have ISO 27001 certification ?
According to Rankiteo,Київстар is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Київстар
Київстар operates primarily in the Telecommunications industry.
Number of Employees at Київстар
Київстар employs approximately 3,227 people worldwide.
Subsidiaries Owned by Київстар
Київстар presently has no subsidiaries across any sectors.
Київстар’s LinkedIn Followers
Київстар’s official LinkedIn profile has approximately 38,541 followers.
NAICS Classification of Київстар
Київстар is classified under the NAICS code 517, which corresponds to Telecommunications.
Київстар’s Presence on Crunchbase
No, Київстар does not have a profile on Crunchbase.
Київстар’s Presence on LinkedIn
Yes, Київстар maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/kyivstar.
Cybersecurity Incidents Involving Київстар
As of January 21, 2026, Rankiteo reports that Київстар has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Київстар has an estimated 9,783 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Київстар ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does Київстар detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with social media notifications..
Incident Details
Can you provide details on each incident ?
Title: Powerful Hacker Attack on Kyivstar
Description: Kyivstar, the primary telecom operator in Ukraine, experienced a hacker attack that disrupted mobile and internet services for millions of customers and caused malfunctions in air raid sirens in Sumy.
Type: Cyber Attack
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyber Attack 9415124
Systems Affected: Mobile ServiceInternet ServiceAir Raid Sirens
Operational Impact: Service OutageSiren Malfunction
Which entities were affected by each incident ?
Incident : Cyber Attack 9415124
Entity Name: Kyivstar
Entity Type: Telecom Operator
Industry: Telecommunications
Location: Ukraine
Size: Large
Customers Affected: 25 million mobile users, 1 million home internet users
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyber Attack 9415124
Communication Strategy: Social Media Notifications
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Social Media Notifications.
Additional Questions
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Mobile ServiceInternet ServiceAir Raid Sirens.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=kyivstar' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
