What is the official website of Lumen ?

The official website of Lumen is https://www.lumen.ca.

What is Lumen's cybersecurity risk score?

Lumen has an AI-generated cybersecurity risk score of 752 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Lumen experienced?

According to Rankiteo, Lumen currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Lumen been affected by any supply chain cyber incidents ?

According to Rankiteo, Lumen has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Lumen have SOC 2 Type 1 certification ?

According to Rankiteo, Lumen is not certified under SOC 2 Type 1.

Does Lumen have SOC 2 Type 2 certification ?

According to Rankiteo, Lumen does not hold a SOC 2 Type 2 certification.

Does Lumen comply with GDPR ?

According to Rankiteo, Lumen is not listed as GDPR compliant.

Does Lumen have PCI DSS certification ?

According to Rankiteo, Lumen does not currently maintain PCI DSS compliance.

Does Lumen comply with HIPAA ?

According to Rankiteo, Lumen is not compliant with HIPAA regulations.

Does Lumen have ISO 27001 certification ?

According to Rankiteo,Lumen is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Lumen operate in ?

Lumen operates primarily in the Wholesale industry.

How many employees does Lumen have ?

Lumen employs approximately 709 people worldwide.

Does Lumen own any subsidiaries ?

Lumen presently has no subsidiaries across any sectors.

How many LinkedIn followers does Lumen have ?

Lumen's official LinkedIn profile has approximately 13,648 followers.

What is the NAICS classification code for Lumen ?

Lumen is classified under the NAICS code 42, which corresponds to Wholesale Trade.

Does Lumen have a Crunchbase profile ?

No, Lumen does not have a profile on Crunchbase.

Does Lumen have a LinkedIn profile ?

Yes, Lumen maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/lumen-sonepar.

How many cybersecurity incidents has Lumen experienced ?

As of June 16, 2026, Rankiteo reports that Lumen has not experienced any cybersecurity incidents.

How many peer or competitor companies does Lumen have ?

Lumen has an estimated 6,653 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Lumen

Boost Score +25 with badge (5 left)

752

/1000

Fair

777

/1000

Fair

Lumen Vendor Cyber Rating & Cyber Score

lumen.ca

Add Your Compliance Badge

Lumen is the leading distributor of electrical and automation material in Québec. The company was founded in St. Eustache in 1962 and has been part of the worldwide Sonepar Group since 1984. We are experts in our field who have built a reputation for fast, reliable and quality services. Our new ultra-modern 385,000 sq. ft. distribution center and our network of 38 branches allow us to deliver anywhere in Québec within 24 hours. Our logistics capabilities make us a preferred partner for SMBs as well as large corporations. Our products and services are primarily geared toward commercial, residential, industrial, OEM, institutional, municipal and mining markets. Our team’s foremost priority is to meet the most stringent requirements of

Lumen A.I CyberSecurity Scoring

Scoring History

Lumen

Lumen CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Lumen Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Lumen

Incidents vs Wholesale Industry Avg (This Year)

No incidents recorded for Lumen in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Lumen in 2026.

Incident Types Lumen vs Wholesale Industry Avg (This Year)

No incidents recorded for Lumen in 2026.

Incident History - Lumen (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Lumen Subsidiaries

Lumen

Wholesale

Website: https://www.lumen.ca

Company Size: 709

Sonepar CanadaWholesale

SoneparWholesale

TexcanWholesale

Aztec Electrical Supply Inc.Automation Machinery Manufacturing

GescanWholesale

SescoWholesale

MGM Electric Ltd.Wholesale

Dixon ElectricWholesale

Loading…

Lumen Similar Companies

Porsche Holding

porsche-holding.com

Porsche Holding Salzburg is the largest and most successful automotive distributor in Europe. Our roots are in Salzburg, but we now also operate in 29 countries on three continents. Our core expertise: global automotive distribution. Our business divisions: automotive wholesale, automotive retail, financial services and IT systems. From a humble family business to one of the largest sales organizations in the world. Driven by our passion for the automobile since the company formation in 1947, Porsche Holding has grown from a family business into the leading mobility partner with dealerships and offices in 23 countries across Europe as well as in Chile, Colombia, China, Singapore, Malaysia, and Japan. Our corporate headquarters is still located where our company's rich history began, in the beautiful Austrian city of Salzburg. As a fully-owned subsidiary of Volkswagen AG, our business focuses on the VW Group brands Volkswagen Passenger Cars and Commercial Vehicles, Škoda, SEAT, CUPRA, Audi, Lamborghini, Bentley, Ducati and Porsche. We shape the future of mobility. Join the Porsche Holding team and be part of it.

Sonepar

sonepar.com

Sonepar is an independent family-owned company standing as the world leader in B-to-B distribution of electrical equipment, solutions, and services. In 2024, Sonepar achieved sales of €32.5 billion. Present in 40 countries with a dense network of brands, the Group is leading an ambitious transformation to make its customers’ lives easier, providing them with an omnichannel experience and sustainable solutions in the building, industry, and energy markets. Sonepar’s 46,000 associates are committed to accelerating the world’s electrification and driven by a shared Purpose: Powering Progress for Future Generations.

METRO/MAKRO

metroag.de

METRO is a leading international wholesale company with food and non-food assortments that specialises in serving the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. Around the world, METRO has 15 million customers who can choose whether to shop in one of the large-format stores, order online and collect their purchases at the store or have them delivered. METRO also supports the competitiveness of entrepreneurs and independent businesses with digital solutions and thereby contributes to cultural diversity in trade and the hospitality industry. The company operates in more than 30 countries and employs more than 85,000 people worldwide. In financial year 2022/23, METRO generated a group revenue of €31 billion. More information: https://careers.metroag.de Imprint: https://careers.metroag.de/imprint Data Privacy: https://careers.metroag.de/privacy-policy

Assaí Atacadista

cb assai.com.br

Crescimento, oportunidade, valorização e respeito. Isso é Ser Assaí! Muito prazer, somos o Assaí Atacadista, empresa de atacado de autosserviço que está entre as maiores empregadoras privadas do país, que também carrega uma das Marcas Mais Valiosas do Brasil, segundo o ranking da Interbrand! Hoje, temos mais de 290 lojas, com mais de 80 mil colaboradores(as) que atuam com muita paixão por atender nossos(as) clientes, desde pequenos(as) e médios(as) comerciantes(as) e transformadores(as), até consumidores(as) finais que buscam por variedade e economia, cumprindo a nossa missão de abastecer os lares de milhares de brasileiros(as) com alimentos e itens básicos. Somos uma empresa que cuida da Nossa Gente, zela pela simplicidade, valoriza o Ser Humano e acredita no poder da diversidade e inclusão, atitudes que fazem parte dos valores da Nossa Cultura e, mais do que isso, são vivenciadas e praticadas no dia a dia de toda a Nossa Gente! E com o nosso processo de expansão acelerado, estamos crescendo e trazendo cada vez mais pessoas para fazerem parte do nosso time. Afinal, o crescimento do Nosso Negócio significa o crescimento da Nossa Gente! Por isso, buscamos profissionais que tenham muita vontade de se desenvolver em um ambiente inclusivo, que respeita todos e todas, jeitos, raças, cores e crenças, além de muito dinâmico, repleto de desafios e oportunidades! #VemSerAssaí: acesse assai.gupy.io e cadastre seu CV!

Wesco

wesco.com

At Wesco, we believe life should run smoothly. As a leading provider of business-to-business distribution, logistics services and supply chain solutions, we create a world that you can depend on. Harnessing 100 years of ingenuity and expertise, we increase profitability, improve productivity and mitigate risk for approximately 150,000 customers worldwide. With millions of products and locations in more than 50 countries, Wesco is your partner in progress. Our company’s greatest asset is our people. From our corporate and field offices to our distribution sites, Wesco employs over 20,000 professionals around the globe. We’re committed to fostering diversity and inclusion across our workforce by embracing the unique perspectives, authenticity, and individuality our team members contribute to the company. Headquartered in Pittsburgh, Wesco is a publicly traded (NYSE: WCC) FORTUNE 500® company with 2023 net sales of $22.4 billion.

Atacadão

atacadao.com.br

O Atacadão é uma empresa do Grupo Carrefour Brasil, com mais de 370 unidades de autosserviço e 36 atacados de entrega e centros de distribuição, que garantem o abastecimento de comerciantes, transformadores e consumidores finais, e está em contínua expansão. Com base nos pilares estratégicos de combate à fome e às desigualdades, diversidade e inclusão e proteção ao planeta & biodiversidade, o Atacadão tem o compromisso de oferecer produtos de qualidade a preços justos aos seus clientes. Com 62 anos de história, mais de 70 mil colaboradores e presença em mais de 220 municípios, também atua no e-commerce com o seu próprio canal de vendas online. Em 2023, a rede conquistou importantes prêmios para o setor, como o 1º lugar na categoria atacadista no Top of Mind, da Folha de S. Paulo, o primeiro lugar no ranking de varejo, supermercados e e-commerce do Prêmio BandNews e a 10ª colocação do ranking geral das 1000 Maiores Empresas do País, do Valor Econômico. O Atacadão também lidera o Ranking ABAAS (Associação Brasileira dos Atacadistas de Autosserviço) e da ABAD (Associação Brasileira de Atacadistas e Distribuidores de Produtos Industrializados). Racismo é crime. Denuncie. Disque 100 ou procure a Delegacia de Polícia Civil mais próxima ou o Ministério Público.

Rexel

rexel.com

Rexel, worldwide expert in the multichannel professional distribution of products and services for the energy world, addresses three main markets: residential, commercial, and industrial. The Group supports its residential, commercial, and industrial customers by providing a tailored and scalable range of products and services in energy management for construction, renovation, production, and maintenance. Rexel operates through a network of more than 1,950 branches in 17 countries, with more than 27,000 employees. The Group’s sales were €19.3 billion in 2024.

HD Supply

hdsupply.com

HD Supply, a wholly owned subsidiary of The Home Depot, is a leading wholesale distribution company serving customers and their communities across the Multifamily, Institutional, Hospitality, Trades, Government Housing, Healthcare, Building Services and Education industries through an expansive network of over 100 distribution centers across the U.S. & Canada. We offer our customers a vast assortment of over 100,000 MRO, full-line janitorial and OS&E products from high-quality, national and private brands, all at competitive prices. Combined with our industry-leading services and solutions – including localized jobsite delivery, renovation programs, direct-ship options and innovative digital tools and capabilities, as well as dedicated sales and customer care teams – you can see why our more than 250,000 customers continue to trust HD Supply as their supplier of choice for serving their communities where people live, learn, work and play. Equally as important is empowering our associates to grow professionally while providing competitive benefits and compensation. If you're ready to find a rewarding career and achieve your full potential with a growing industry leader, HD Supply is ready for you!

Ferguson

ferguson.com

Since 1953, Ferguson has been a leading source of quality supplies for a variety of industries. We are proud to provide world-class products and services to a customer base that is as vast and varied as our inventory. The professionals we serve help transform the world we live in, and we are their trusted partners with the scale, expertise and solutions to provide peace of mind. Ferguson is part of Ferguson Enterprises Inc., which has approximately 35,000 associates across 1,700 locations and serves customers in all 50 states, Canada, Puerto Rico, Mexico and the Caribbean.

Loading…

NEWS

Lumen CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 20, 2026 07:00 AM

Lumen Board Shake Up Puts AI And Cybersecurity At Center Stage

Lumen Technologies announced a leadership shake up, including the retirement of its Board Chair and several Board transitions.

Read Article

March 14, 2026 07:00 AM

Cybersecurity alert: Hijacked devices now key weapon in global attacks

Security researchers have raised alarm over a sophisticated new malware operation called KadNap, which has silently compromised over 14000...

Read Article

March 10, 2026 07:00 AM

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet...

Read Article

February 23, 2026 08:00 AM

Lumen Technologies expands APAC cybersecurity capabilities in collaboration with Palo Alto Networks

SINGAPORE - Media OutReach Newswire - 23 February 2026 - Lumen Technologies has achieved the Palo Alto Networks NextWave Cortex XSIAM Select...

Read Article

January 30, 2026 08:00 AM

Google’s disruption rips millions out of devices out of malicious network

The actions impaired some of IPIDEA's proxy infrastructure, but not all of it. The effort underscores the back-and-forth struggle of taking...

Read Article

January 14, 2026 08:00 AM

Kimwolf botnet’s swift rise to 2M infected devices agitates security researchers

The botnet took an unusual path by abusing residential proxy networks, allowing it to control an untapped collection of unofficial Android...

Read Article

December 15, 2025 08:00 AM

Lumen (LUMN) Stock Trades Down, Here Is Why

What Happened? Shares of telecommunications infrastructure company Lumen Technologies NYSE:LUMN fell 4.2% in the afternoon session after a...

Read Article

December 03, 2025 08:00 AM

Lumen Technologies expands APAC cybersecurity capabilities with Palo Alto Networks

Lumen Technologies has achieved the Palo Alto Networks NextWave Cortex XSIAM Select Specialization Status in Singapore. This specialization...

Read Article

December 03, 2025 08:00 AM

Why Lumen (LUMN) Stock Is Trading Up Today

Shares of telecommunications infrastructure company Lumen Technologies (NYSE: LUMN) jumped 4.4% in the afternoon session after positive...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…