Liberty IT
Company Details
Linkedin ID:
libertyit
Employees number:
764
Number of followers:
15,585
NAICS:
5112
Industry Type:
Homepage:
liberty-it.co.uk
IP Addresses:
0
Company ID:
LIB_1339531
Scan Status:
In-progress
Liberty IT Company CyberSecurity Posture
liberty-it.co.uk
We’re a bunch of inventors, problem solvers, business brains and tech transformers. We revel in a challenge and stop at nothing to provide the solution, exceeding expectations, breaking new ground and transforming customer interactions. With over 25 years’ experience we’ve got the backing of global giant Liberty Mutual Insurance, with fresh talent to push every boundary. And that’s what makes us exciting. We’re your best tech secret! We're proud to be an official "Great Place to Work,®" but as our name suggests, it's all about the technology. We don't just get things done, we excel at engineering, and we build creative solutions through team collaboration across all levels of experience, allowing us to deliver business value in a big way. We’re also quite a social bunch – meet ups, BBQs, parties, even weekends away if that takes your fancy. Our teams hold community and well-being close to their hearts, looking after and supporting each other and themselves through a range of activities and initiatives.
Liberty IT A.I CyberSecurity Scoring
Liberty IT Risk Score (AI oriented)Between 750 and 799
Liberty IT
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Liberty IT Global Score (TPRM)XXXX
Liberty IT
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Liberty IT Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Liberty Mutual Group, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported a data breach involving Liberty Mutual Group, Inc. on March 30, 2021. The breach occurred between November 21, 2020, and March 12, 2021, during which an unauthorized third party may have accessed individuals' driver’s license numbers and personal information via fraudulent auto insurance applications. The exact number of individuals affected remains unknown.
Liberty IT
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: An IT systems breach had hit it. It had suffered unauthorized access to its IT infrastructure. Hackers demanded millions from Liberty Life and threaten to start releasing sensitive data. The hackers have obtained “sensitive data” about “top clients”.
Liberty IT Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Liberty IT
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for Liberty IT in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Liberty IT in 2025.
Incident Types Liberty IT vs Software Development Industry Avg (This Year)
No incidents recorded for Liberty IT in 2025.
Incident History — Liberty IT (X = Date, Y = Severity)
Liberty IT cyber incidents detection timeline including parent company and subsidiaries
Liberty IT Company Subsidiaries
We’re a bunch of inventors, problem solvers, business brains and tech transformers. We revel in a challenge and stop at nothing to provide the solution, exceeding expectations, breaking new ground and transforming customer interactions. With over 25 years’ experience we’ve got the backing of global giant Liberty Mutual Insurance, with fresh talent to push every boundary. And that’s what makes us exciting. We’re your best tech secret! We're proud to be an official "Great Place to Work,®" but as our name suggests, it's all about the technology. We don't just get things done, we excel at engineering, and we build creative solutions through team collaboration across all levels of experience, allowing us to deliver business value in a big way. We’re also quite a social bunch – meet ups, BBQs, parties, even weekends away if that takes your fancy. Our teams hold community and well-being close to their hearts, looking after and supporting each other and themselves through a range of activities and initiatives.
Loading...
Liberty IT Similar Companies
SS&C is a leading global provider of mission-critical, cloud-based software and solutions for the financial and healthcare industries. Named to the Fortune 1000 list as a top U.S. company based on revenue, SS&C (NASDAQ: SSNC) is a trusted provider to more than 20,000 financial services and healthcar
DoorDash
At DoorDash, our mission to empower local economies shapes how our team members move quickly and always learn and reiterate to support merchants, Dashers and the communities we serve. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team membe
DiDi
DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehi
Cadence
Cadence is a market leader in AI and digital twins, pioneering the application of computational software to accelerate innovation in the engineering design of silicon to systems. Our design solutions, based on Cadence’s Intelligent System Design™ strategy, are essential for the world’s leading semic
Dassault Systèmes
Dassault Systèmes is a catalyst for human progress. Since 1981, the company has pioneered virtual worlds to improve real life for consumers, patients and citizens. With Dassault Systèmes’ 3DEXPERIENCE platform, 370,000 customers of all sizes, in all industries, can collaborate, imagine and create
Founded in 2003, LinkedIn connects the world's professionals to make them more productive and successful. With more than 1 billion members worldwide, including executives from every Fortune 500 company, LinkedIn is the world's largest professional network. The company has a diversified business mode
Shopee
Shopee is the leading e-commerce platform in Southeast Asia and Taiwan. It is a platform tailored for the region, providing customers with an easy, secure and fast online shopping experience through strong payment and logistical support. Shopee aims to continually enhance its platform and become th
A problem isn't truly solved until it's solved for all. Googlers build products that help create opportunities for everyone, whether down the street or across the globe. Bring your insight, imagination and a healthy disregard for the impossible. Bring everything that makes you unique. Together, we c
Just Eat Takeaway.com
Just Eat Takeaway.com is a leading global online delivery marketplace, connecting consumers and restaurants through our platform in 19 countries. Like a dinner table, working at JET brings our office employees and couriers together. From coding to customer service to couriers, JET is a
.png)
Liberty IT CyberSecurity News
October 19, 2025 07:00 AM
EU May Train Troops Inside Ukraine As Part Of Expanded Mission
The EU is considering training Ukrainian troops inside Ukraine and expanding its support with border monitoring, cybersecurity aid,...
October 15, 2025 07:00 AM
Liberty Mutual’s Mea Clift: Leading with empathy, focused on resilience
Mea Clift's path into cybersecurity began long before it became her professional identity. Today, as Principal Cyber Risk Engineer in...
October 15, 2025 07:00 AM
LevelBlue acquires Cybereason to expand cybersecurity services
LevelBlue has agreed to acquire Cybereason, enhancing its cybersecurity services with expanded detection, response, and global reach.
October 14, 2025 07:00 AM
LevelBlue to acquire Cybereason in latest cybersecurity industry consolidation
LevelBlue announced Tuesday it has signed a definitive agreement to acquire Cybereason, a Boston-based cybersecurity firm specializing in...
October 14, 2025 07:00 AM
LevelBlue acquires Cybereason in a quiet end to a once-soaring cybersecurity star
LevelBlue, a provider of managed security services, has agreed to acquire Cybereason, the embattled cybersecurity company once valued at...
September 23, 2025 07:00 AM
Liberty-Eylau ISD board votes to continue armed security, open line of credit
TEXARKANA, Texas -- Liberty-Eylau Independent School District held a regular school board meeting Thursday and made decisions regarding...
September 04, 2025 01:09 PM
Acronis Announces New #TeamUp Partnership with the Atlanta Falcons and Liberty Technology
Acronis and Liberty Technology are thrilled to announce its Acronis #TeamUp partnership with the National Football League (NFL) team, the Atlanta Falcons.
August 12, 2025 07:00 AM
F5 laying off more than 100 employees in Washington
F5 Inc. is laying off 106 employees in Washington, affecting offices in Seattle and Liberty Lake.
July 24, 2025 07:00 AM
‘If you have an interest in cybersecurity, don’t delay, start today’
Senior software engineer Jennifer Glasgow has worked at Liberty IT for more than eight years, having first started her career as an...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Liberty IT CyberSecurity History Information
Official Website of Liberty IT
The official website of Liberty IT is https://www.liberty-it.co.uk/careers/overview?utm_source=LinkedIn&utm_medium=Organic&utm_campaign=Profilebutton.
Liberty IT’s AI-Generated Cybersecurity Score
According to Rankiteo, Liberty IT’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.
How many security badges does Liberty IT’ have ?
According to Rankiteo, Liberty IT currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Liberty IT have SOC 2 Type 1 certification ?
According to Rankiteo, Liberty IT is not certified under SOC 2 Type 1.
Does Liberty IT have SOC 2 Type 2 certification ?
According to Rankiteo, Liberty IT does not hold a SOC 2 Type 2 certification.
Does Liberty IT comply with GDPR ?
According to Rankiteo, Liberty IT is not listed as GDPR compliant.
Does Liberty IT have PCI DSS certification ?
According to Rankiteo, Liberty IT does not currently maintain PCI DSS compliance.
Does Liberty IT comply with HIPAA ?
According to Rankiteo, Liberty IT is not compliant with HIPAA regulations.
Does Liberty IT have ISO 27001 certification ?
According to Rankiteo,Liberty IT is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Liberty IT
Liberty IT operates primarily in the Software Development industry.
Number of Employees at Liberty IT
Liberty IT employs approximately 764 people worldwide.
Subsidiaries Owned by Liberty IT
Liberty IT presently has no subsidiaries across any sectors.
Liberty IT’s LinkedIn Followers
Liberty IT’s official LinkedIn profile has approximately 15,585 followers.
NAICS Classification of Liberty IT
Liberty IT is classified under the NAICS code 5112, which corresponds to Software Publishers.
Liberty IT’s Presence on Crunchbase
No, Liberty IT does not have a profile on Crunchbase.
Liberty IT’s Presence on LinkedIn
Yes, Liberty IT maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/libertyit.
Cybersecurity Incidents Involving Liberty IT
As of November 27, 2025, Rankiteo reports that Liberty IT has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Liberty IT has an estimated 26,612 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Liberty IT ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Liberty Life IT Systems Breach
Description: An unauthorized access to Liberty Life's IT infrastructure resulted in hackers demanding millions and threatening to release sensitive data about top clients.
Type: Data Breach
Threat Actor: Hackers
Motivation: Financial Gain
Title: Liberty Mutual Group Data Breach
Description: The California Office of the Attorney General reported a data breach involving Liberty Mutual Group, Inc. on March 30, 2021. The breach dates are between November 21, 2020, and March 12, 2021, during which an unauthorized third party may have accessed individuals' driver’s license numbers and personal information via fraudulent auto insurance applications. The exact number of individuals affected remains unknown.
Date Detected: 2021-03-30
Date Publicly Disclosed: 2021-03-30
Type: Data Breach
Attack Vector: Fraudulent auto insurance applications
Threat Actor: Unauthorized third party
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach LIB192211722
Data Compromised: Sensitive data about top clients
Incident : Data Breach LIB001072625
Data Compromised: Driver’s license numbers, Personal information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Sensitive data, Driver’S License Numbers, Personal Information and .
Which entities were affected by each incident ?
Incident : Data Breach LIB192211722
Entity Name: Liberty Life
Entity Type: Insurance Company
Industry: Insurance
Incident : Data Breach LIB001072625
Entity Name: Liberty Mutual Group, Inc.
Entity Type: Insurance Company
Industry: Insurance
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach LIB192211722
Type of Data Compromised: Sensitive data
Sensitivity of Data: High
Incident : Data Breach LIB001072625
Type of Data Compromised: Driver’s license numbers, Personal information
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach LIB192211722
Ransom Demanded: Millions
References
Where can I find more information about each incident ?
Incident : Data Breach LIB001072625
Source: California Office of the Attorney General
Date Accessed: 2021-03-30
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2021-03-30.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach LIB192211722
High Value Targets: Top clients
Data Sold on Dark Web: Top clients
Additional Questions
General Information
What was the amount of the last ransom demanded ?
Last Ransom Demanded: The amount of the last ransom demanded was Millions.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Hackers and Unauthorized third party.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2021-03-30.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-03-30.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Sensitive data about top clients, Driver’s license numbers, Personal information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Sensitive data about top clients, Driver’s license numbers and Personal information.
Ransomware Information
What was the highest ransom demanded in a ransomware incident ?
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was Millions.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=libertyit' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
