Lifespan
Company Details
Linkedin ID:
lifespanhealthsystem
Website:
Employees number:
23,394
Number of followers:
68,182
NAICS:
62
Industry Type:
Homepage:
brownhealth.org
IP Addresses:
0
Company ID:
LIF_2546587
Scan Status:
In-progress
Lifespan Company CyberSecurity Posture
brownhealth.org
Formed in 1994, Brown University Health (Formerly Lifespan) is a not-for-profit health system based in Providence, RI comprising three teaching hospitals of The Warren Alpert Medical School of Brown University: Rhode Island Hospital and its Hasbro Children's; The Miriam Hospital; and Bradley Hospital, the nation’s first psychiatric hospital for children; Newport Hospital, Saint Anne's Hospital and Morton Hospital, community hospitals offering a broad range of health services; Gateway Healthcare, the state’s largest provider of community behavioral health care; and Brown Health Medical Group, the largest multi-specialty practice in Rhode Island. Brown University Health teaching hospitals are among the country’s top recipients of research funding from the US National Institutes of Health. The hospitals received $145 million in external research funding in fiscal 2023. All Brown University Health hospitals are charitable organizations that depend on support from the community to provide programs and services.
Lifespan A.I CyberSecurity Scoring
Lifespan Risk Score (AI oriented)Between 700 and 749
Lifespan
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Lifespan Global Score (TPRM)XXXX
Lifespan
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Lifespan Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
LIFESPAN, Incorporated
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: The Maryland Office of the Attorney General reported a data breach involving LIFESPAN, Incorporated on May 3, 2022. The breach occurred on April 12, 2022, due to a cybersecurity incident that encrypted data on their servers, potentially exposing personal information such as Social Security numbers and bank routing numbers. Approximately one individual from Rhode Island was affected.
Lifespan Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Lifespan
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Lifespan in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Lifespan in 2025.
Incident Types Lifespan vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Lifespan in 2025.
Incident History — Lifespan (X = Date, Y = Severity)
Lifespan cyber incidents detection timeline including parent company and subsidiaries
Lifespan Company Subsidiaries
Formed in 1994, Brown University Health (Formerly Lifespan) is a not-for-profit health system based in Providence, RI comprising three teaching hospitals of The Warren Alpert Medical School of Brown University: Rhode Island Hospital and its Hasbro Children's; The Miriam Hospital; and Bradley Hospital, the nation’s first psychiatric hospital for children; Newport Hospital, Saint Anne's Hospital and Morton Hospital, community hospitals offering a broad range of health services; Gateway Healthcare, the state’s largest provider of community behavioral health care; and Brown Health Medical Group, the largest multi-specialty practice in Rhode Island. Brown University Health teaching hospitals are among the country’s top recipients of research funding from the US National Institutes of Health. The hospitals received $145 million in external research funding in fiscal 2023. All Brown University Health hospitals are charitable organizations that depend on support from the community to provide programs and services.
Loading...
Lifespan Similar Companies
Wellstar Health System
At Wellstar Health System, our mission is to enhance the health and well-being of every person we serve. Nationally ranked and locally recognized for our high-quality care, inclusive culture and world-class doctors and caregivers, Wellstar is one of the largest, most integrated healthcare systems in
St. Luke's University Health Network
Founded in 1872, St. Luke’s University Health Network (SLUHN) is a fully integrated, regional, non-profit network of more than 23,000 employees providing services at 16 campuses and 350+ outpatient sites. With annual net revenue of $4 billion, the Network’s service area includes 11 counties in two s
Labcorp
Clear and confident health care decisions begin with questions. At Labcorp, we’re constantly in pursuit of answers. As a global leader of innovative and comprehensive laboratory services, we help doctors, hospitals, pharmaceutical companies, researchers and patients make clear and confident decisi
Memorial Healthcare System
Be at the heart of exceptional care. Team MHS Florida is an award-winning group of friends and colleagues at one of the largest not-for-profit health systems in the nation. We're 17,000 strong, advancing towards a brighter future together. We're passionate about the work we do, delivering deep, pe
Mediclinic
Mediclinic Southern Africa is a private hospital group operating in South Africa and Namibia focused on providing acute care, specialist-orientated, multi-disciplinary hospital services and related service offerings. We place science at the heart of our care process by striving to provide evidence-b
St. Luke's Health System
As the only Idaho-based, not-for-profit health system, St. Luke’s Health System is dedicated to our mission “To improve the health of people in the communities we serve.” Today that means not only treating you when you’re sick or hurt, but doing everything we can to help you be as healthy as possibl
Penn Medicine, University of Pennsylvania Health System
Penn Medicine’s mission is to advance knowledge and improve health through research, patient care, and the education of trainees in an inclusive culture that embraces diversity, fosters innovation, stimulates critical thinking, supports lifelong learning, and sustains our legacy of excellence. Penn
Cincinnati Children's
Cincinnati Children’s, a nonprofit academic medical center established in 1883, offers services from well-child care to treatment for the most rare and complex conditions. It is the Department of Pediatrics at the University of Cincinnati College of Medicine and trains more than 600 residents and cl
Hapvida NotreDame Intermédica
Com cerca de 80 anos de experiência, a Hapvida é hoje a maior empresa de saúde integrada da América Latina. A companhia, que possui mais de 69 mil colaboradores, atende quase 16 milhões de beneficiários de saúde e odontologia espalhados pelas cinco regiões do Brasil. Todo o aparato foi construído a
.png)
Lifespan CyberSecurity News
December 16, 2025 12:11 PM
This is the final day to get 1,000+ learning courses for just $18
Some deals are good. Some deals are smart. And then there are the deals are too good to be true—like lifetime access to EDU Unlimited by...
December 05, 2025 08:00 AM
InfoSec4TC lifetime cybersecurity training is now $53 in this deal
InfoSec4TC offers a workaround. Their Platinum Membership unlocks lifelong access to a massive catalog of cybersecurity courses and exam...
December 03, 2025 10:42 PM
Are We Prepared for Cyberthreats in the New Era of Transportation?
The automotive user experience has evolved dramatically, and the trend is accelerating, driven by advances in vehicle connectivity and autonomy.
November 24, 2025 08:00 AM
Lifetime Cybersecurity Training for Entrepreneurs Is Just $52.97 Through January 11
Lifetime Cybersecurity Training for Entrepreneurs Is Just $52.97 Through January 11. Build the security expertise your business needs without...
November 21, 2025 08:00 AM
Get started training for today’s cybersecurity careers for just $53
If you've been curious about cybersecurity, this is one of the easiest, most affordable ways to finally dive in.
November 16, 2025 08:00 AM
Get started learning the CISSP security domains for just $30 through 11/20
The CISSP certification remains one of the top certifications for cybersecurity professionals looking to advance their careers in security...
October 30, 2025 07:00 AM
This CompTIA course bundle is now less than $30 in this lifetime deal
This All-in-One CompTIA Certification Prep Courses Bundle offers the same foundational training for less than $3 per course,...
October 28, 2025 07:00 AM
This $30 CISSP course bundle gives an intro to the rigorous certification
Cybersecurity roles demand constant learning, and certification remains the key to advancing in that field. For professionals working toward...
September 16, 2025 07:00 AM
Could 15 March 2029 be D-Day for cybersecurity in your organisation?
Sep 16, 2025. The 15th of March is etched in history as the day when Julius Caesar met his end at the hands of the senators of Rome, and it's about to...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Lifespan CyberSecurity History Information
Official Website of Lifespan
The official website of Lifespan is https://www.brownhealth.org.
Lifespan’s AI-Generated Cybersecurity Score
According to Rankiteo, Lifespan’s AI-generated cybersecurity score is 742, reflecting their Moderate security posture.
How many security badges does Lifespan’ have ?
According to Rankiteo, Lifespan currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Lifespan have SOC 2 Type 1 certification ?
According to Rankiteo, Lifespan is not certified under SOC 2 Type 1.
Does Lifespan have SOC 2 Type 2 certification ?
According to Rankiteo, Lifespan does not hold a SOC 2 Type 2 certification.
Does Lifespan comply with GDPR ?
According to Rankiteo, Lifespan is not listed as GDPR compliant.
Does Lifespan have PCI DSS certification ?
According to Rankiteo, Lifespan does not currently maintain PCI DSS compliance.
Does Lifespan comply with HIPAA ?
According to Rankiteo, Lifespan is not compliant with HIPAA regulations.
Does Lifespan have ISO 27001 certification ?
According to Rankiteo,Lifespan is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Lifespan
Lifespan operates primarily in the Hospitals and Health Care industry.
Number of Employees at Lifespan
Lifespan employs approximately 23,394 people worldwide.
Subsidiaries Owned by Lifespan
Lifespan presently has no subsidiaries across any sectors.
Lifespan’s LinkedIn Followers
Lifespan’s official LinkedIn profile has approximately 68,182 followers.
NAICS Classification of Lifespan
Lifespan is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Lifespan’s Presence on Crunchbase
No, Lifespan does not have a profile on Crunchbase.
Lifespan’s Presence on LinkedIn
Yes, Lifespan maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/lifespanhealthsystem.
Cybersecurity Incidents Involving Lifespan
As of December 19, 2025, Rankiteo reports that Lifespan has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Lifespan has an estimated 31,346 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Lifespan ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at LIFESPAN, Incorporated
Description: A data breach involving LIFESPAN, Incorporated was reported by the Maryland Office of the Attorney General on May 3, 2022. The breach occurred on April 12, 2022, due to a cybersecurity incident that encrypted data on their servers, potentially exposing personal information such as Social Security numbers and bank routing numbers. Approximately one individual from Rhode Island was affected.
Date Detected: 2022-04-12
Date Publicly Disclosed: 2022-05-03
Type: Data Breach
Attack Vector: Encryption of data on servers
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach LIF458080525
Data Compromised: Social security numbers, Bank routing numbers
Systems Affected: Servers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Social Security Numbers, Bank Routing Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach LIF458080525
Entity Name: LIFESPAN, Incorporated
Entity Type: Company
Location: Rhode Island
Customers Affected: 1
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach LIF458080525
Type of Data Compromised: Social security numbers, Bank routing numbers
Number of Records Exposed: 1
Sensitivity of Data: High
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach LIF458080525
Data Encryption: True
References
Where can I find more information about each incident ?
Incident : Data Breach LIF458080525
Source: Maryland Office of the Attorney General
Date Accessed: 2022-05-03
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maryland Office of the Attorney GeneralDate Accessed: 2022-05-03.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2022-04-12.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-05-03.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Social Security numbers, bank routing numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers and bank routing numbers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maryland Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Risk Information
cvss3
Base: 4.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=lifespanhealthsystem' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
