What is the official website of Lumen ?

The official website of Lumen is https://www.lumen.ca.

What is Lumen's cybersecurity risk score?

Lumen has an AI-generated cybersecurity risk score of 752 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Lumen experienced?

According to Rankiteo, Lumen currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Lumen been affected by any supply chain cyber incidents ?

According to Rankiteo, Lumen has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Lumen have SOC 2 Type 1 certification ?

According to Rankiteo, Lumen is not certified under SOC 2 Type 1.

Does Lumen have SOC 2 Type 2 certification ?

According to Rankiteo, Lumen does not hold a SOC 2 Type 2 certification.

Does Lumen comply with GDPR ?

According to Rankiteo, Lumen is not listed as GDPR compliant.

Does Lumen have PCI DSS certification ?

According to Rankiteo, Lumen does not currently maintain PCI DSS compliance.

Does Lumen comply with HIPAA ?

According to Rankiteo, Lumen is not compliant with HIPAA regulations.

Does Lumen have ISO 27001 certification ?

According to Rankiteo,Lumen is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Lumen operate in ?

Lumen operates primarily in the Wholesale industry.

How many employees does Lumen have ?

Lumen employs approximately 709 people worldwide.

Does Lumen own any subsidiaries ?

Lumen presently has no subsidiaries across any sectors.

How many LinkedIn followers does Lumen have ?

Lumen's official LinkedIn profile has approximately 13,648 followers.

What is the NAICS classification code for Lumen ?

Lumen is classified under the NAICS code 42, which corresponds to Wholesale Trade.

Does Lumen have a Crunchbase profile ?

No, Lumen does not have a profile on Crunchbase.

Does Lumen have a LinkedIn profile ?

Yes, Lumen maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/lumen-sonepar.

How many cybersecurity incidents has Lumen experienced ?

As of June 14, 2026, Rankiteo reports that Lumen has not experienced any cybersecurity incidents.

How many peer or competitor companies does Lumen have ?

Lumen has an estimated 6,652 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Lumen

Boost Score +25 with badge (5 left)

752

/1000

Fair

777

/1000

Fair

Lumen Vendor Cyber Rating & Cyber Score

lumen.ca

Add Your Compliance Badge

Lumen is the leading distributor of electrical and automation material in Québec. The company was founded in St. Eustache in 1962 and has been part of the worldwide Sonepar Group since 1984. We are experts in our field who have built a reputation for fast, reliable and quality services. Our new ultra-modern 385,000 sq. ft. distribution center and our network of 38 branches allow us to deliver anywhere in Québec within 24 hours. Our logistics capabilities make us a preferred partner for SMBs as well as large corporations. Our products and services are primarily geared toward commercial, residential, industrial, OEM, institutional, municipal and mining markets. Our team’s foremost priority is to meet the most stringent requirements of

Lumen A.I CyberSecurity Scoring

Scoring History

Lumen

Lumen CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Lumen Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Lumen

Incidents vs Wholesale Industry Avg (This Year)

No incidents recorded for Lumen in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Lumen in 2026.

Incident Types Lumen vs Wholesale Industry Avg (This Year)

No incidents recorded for Lumen in 2026.

Incident History - Lumen (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Lumen Subsidiaries

Lumen

Wholesale

Website: https://www.lumen.ca

Company Size: 709

Sonepar CanadaWholesale

SoneparWholesale

TexcanWholesale

Aztec Electrical Supply Inc.Automation Machinery Manufacturing

GescanWholesale

SescoWholesale

MGM Electric Ltd.Wholesale

Dixon ElectricWholesale

Loading…

Lumen Similar Companies

Atacadão

atacadao.com.br

O Atacadão é uma empresa do Grupo Carrefour Brasil, com mais de 370 unidades de autosserviço e 36 atacados de entrega e centros de distribuição, que garantem o abastecimento de comerciantes, transformadores e consumidores finais, e está em contínua expansão. Com base nos pilares estratégicos de combate à fome e às desigualdades, diversidade e inclusão e proteção ao planeta & biodiversidade, o Atacadão tem o compromisso de oferecer produtos de qualidade a preços justos aos seus clientes. Com 62 anos de história, mais de 70 mil colaboradores e presença em mais de 220 municípios, também atua no e-commerce com o seu próprio canal de vendas online. Em 2023, a rede conquistou importantes prêmios para o setor, como o 1º lugar na categoria atacadista no Top of Mind, da Folha de S. Paulo, o primeiro lugar no ranking de varejo, supermercados e e-commerce do Prêmio BandNews e a 10ª colocação do ranking geral das 1000 Maiores Empresas do País, do Valor Econômico. O Atacadão também lidera o Ranking ABAAS (Associação Brasileira dos Atacadistas de Autosserviço) e da ABAD (Associação Brasileira de Atacadistas e Distribuidores de Produtos Industrializados). Racismo é crime. Denuncie. Disque 100 ou procure a Delegacia de Polícia Civil mais próxima ou o Ministério Público.

Assaí Atacadista

cb assai.com.br

Crescimento, oportunidade, valorização e respeito. Isso é Ser Assaí! Muito prazer, somos o Assaí Atacadista, empresa de atacado de autosserviço que está entre as maiores empregadoras privadas do país, que também carrega uma das Marcas Mais Valiosas do Brasil, segundo o ranking da Interbrand! Hoje, temos mais de 290 lojas, com mais de 80 mil colaboradores(as) que atuam com muita paixão por atender nossos(as) clientes, desde pequenos(as) e médios(as) comerciantes(as) e transformadores(as), até consumidores(as) finais que buscam por variedade e economia, cumprindo a nossa missão de abastecer os lares de milhares de brasileiros(as) com alimentos e itens básicos. Somos uma empresa que cuida da Nossa Gente, zela pela simplicidade, valoriza o Ser Humano e acredita no poder da diversidade e inclusão, atitudes que fazem parte dos valores da Nossa Cultura e, mais do que isso, são vivenciadas e praticadas no dia a dia de toda a Nossa Gente! E com o nosso processo de expansão acelerado, estamos crescendo e trazendo cada vez mais pessoas para fazerem parte do nosso time. Afinal, o crescimento do Nosso Negócio significa o crescimento da Nossa Gente! Por isso, buscamos profissionais que tenham muita vontade de se desenvolver em um ambiente inclusivo, que respeita todos e todas, jeitos, raças, cores e crenças, além de muito dinâmico, repleto de desafios e oportunidades! #VemSerAssaí: acesse assai.gupy.io e cadastre seu CV!

Rexel

rexel.com

Rexel, worldwide expert in the multichannel professional distribution of products and services for the energy world, addresses three main markets: residential, commercial, and industrial. The Group supports its residential, commercial, and industrial customers by providing a tailored and scalable range of products and services in energy management for construction, renovation, production, and maintenance. Rexel operates through a network of more than 1,950 branches in 17 countries, with more than 27,000 employees. The Group’s sales were €19.3 billion in 2024.

METRO/MAKRO

metroag.de

METRO is a leading international wholesale company with food and non-food assortments that specialises in serving the needs of hotels, restaurants and caterers (HoReCa) as well as independent traders. Around the world, METRO has 15 million customers who can choose whether to shop in one of the large-format stores, order online and collect their purchases at the store or have them delivered. METRO also supports the competitiveness of entrepreneurs and independent businesses with digital solutions and thereby contributes to cultural diversity in trade and the hospitality industry. The company operates in more than 30 countries and employs more than 85,000 people worldwide. In financial year 2022/23, METRO generated a group revenue of €31 billion. More information: https://careers.metroag.de Imprint: https://careers.metroag.de/imprint Data Privacy: https://careers.metroag.de/privacy-policy

Ferguson

ferguson.com

Since 1953, Ferguson has been a leading source of quality supplies for a variety of industries. We are proud to provide world-class products and services to a customer base that is as vast and varied as our inventory. The professionals we serve help transform the world we live in, and we are their trusted partners with the scale, expertise and solutions to provide peace of mind. Ferguson is part of Ferguson Enterprises Inc., which has approximately 35,000 associates across 1,700 locations and serves customers in all 50 states, Canada, Puerto Rico, Mexico and the Caribbean.

Wesco

wesco.com

At Wesco, we believe life should run smoothly. As a leading provider of business-to-business distribution, logistics services and supply chain solutions, we create a world that you can depend on. Harnessing 100 years of ingenuity and expertise, we increase profitability, improve productivity and mitigate risk for approximately 150,000 customers worldwide. With millions of products and locations in more than 50 countries, Wesco is your partner in progress. Our company’s greatest asset is our people. From our corporate and field offices to our distribution sites, Wesco employs over 20,000 professionals around the globe. We’re committed to fostering diversity and inclusion across our workforce by embracing the unique perspectives, authenticity, and individuality our team members contribute to the company. Headquartered in Pittsburgh, Wesco is a publicly traded (NYSE: WCC) FORTUNE 500® company with 2023 net sales of $22.4 billion.

Sonepar

sonepar.com

Sonepar is an independent family-owned company standing as the world leader in B-to-B distribution of electrical equipment, solutions, and services. In 2024, Sonepar achieved sales of €32.5 billion. Present in 40 countries with a dense network of brands, the Group is leading an ambitious transformation to make its customers’ lives easier, providing them with an omnichannel experience and sustainable solutions in the building, industry, and energy markets. Sonepar’s 46,000 associates are committed to accelerating the world’s electrification and driven by a shared Purpose: Powering Progress for Future Generations.

Porsche Holding

porsche-holding.com

Porsche Holding Salzburg is the largest and most successful automotive distributor in Europe. Our roots are in Salzburg, but we now also operate in 29 countries on three continents. Our core expertise: global automotive distribution. Our business divisions: automotive wholesale, automotive retail, financial services and IT systems. From a humble family business to one of the largest sales organizations in the world. Driven by our passion for the automobile since the company formation in 1947, Porsche Holding has grown from a family business into the leading mobility partner with dealerships and offices in 23 countries across Europe as well as in Chile, Colombia, China, Singapore, Malaysia, and Japan. Our corporate headquarters is still located where our company's rich history began, in the beautiful Austrian city of Salzburg. As a fully-owned subsidiary of Volkswagen AG, our business focuses on the VW Group brands Volkswagen Passenger Cars and Commercial Vehicles, Škoda, SEAT, CUPRA, Audi, Lamborghini, Bentley, Ducati and Porsche. We shape the future of mobility. Join the Porsche Holding team and be part of it.

Fastenal

fastenal.com

By providing three things – truly local service, the world’s largest vending program, and unmatched inventory management – Fastenal saves your business time and money. Who are Fastenal's customers? • Organizations wanting to strengthen their supply chains. • Businesses looking to streamline their operations. • Campuses planning for tomorrow. In a world of disruptions, Fastenal is a supply chain partner you can count on.

Loading…

NEWS

Lumen CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 20, 2026 07:00 AM

Lumen Board Shake Up Puts AI And Cybersecurity At Center Stage

Lumen Technologies announced a leadership shake up, including the retirement of its Board Chair and several Board transitions.

Read Article

March 14, 2026 07:00 AM

Cybersecurity alert: Hijacked devices now key weapon in global attacks

Security researchers have raised alarm over a sophisticated new malware operation called KadNap, which has silently compromised over 14000...

Read Article

March 10, 2026 07:00 AM

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet...

Read Article

February 23, 2026 08:00 AM

Lumen Technologies expands APAC cybersecurity capabilities in collaboration with Palo Alto Networks

SINGAPORE - Media OutReach Newswire - 23 February 2026 - Lumen Technologies has achieved the Palo Alto Networks NextWave Cortex XSIAM Select...

Read Article

January 30, 2026 08:00 AM

Google’s disruption rips millions out of devices out of malicious network

The actions impaired some of IPIDEA's proxy infrastructure, but not all of it. The effort underscores the back-and-forth struggle of taking...

Read Article

January 14, 2026 08:00 AM

Kimwolf botnet’s swift rise to 2M infected devices agitates security researchers

The botnet took an unusual path by abusing residential proxy networks, allowing it to control an untapped collection of unofficial Android...

Read Article

December 15, 2025 08:00 AM

Lumen (LUMN) Stock Trades Down, Here Is Why

What Happened? Shares of telecommunications infrastructure company Lumen Technologies NYSE:LUMN fell 4.2% in the afternoon session after a...

Read Article

December 03, 2025 08:00 AM

Lumen Technologies expands APAC cybersecurity capabilities with Palo Alto Networks

Lumen Technologies has achieved the Palo Alto Networks NextWave Cortex XSIAM Select Specialization Status in Singapore. This specialization...

Read Article

December 03, 2025 08:00 AM

Why Lumen (LUMN) Stock Is Trading Up Today

Shares of telecommunications infrastructure company Lumen Technologies (NYSE: LUMN) jumped 4.4% in the afternoon session after positive...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…