MML[FEB
Company Details
Linkedin ID:
mahindraexperience
Website:
Employees number:
17,283
Number of followers:
692,677
NAICS:
3361
Industry Type:
Homepage:
mahindracareers.com
IP Addresses:
0
Company ID:
MAH_3107864
Scan Status:
In-progress
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] Company CyberSecurity Posture
mahindracareers.com
A USD 19.4 billion multinational group based in Mumbai, India, Mahindra provides employment opportunities to over 256,000 people across 100 countries. Mahindra operates in the key industries that drive economic growth, enjoying a leadership position in tractors, utility vehicles, information technology, financial services and vacation ownership. In addition, Mahindra enjoys a strong presence in the agribusiness, aerospace, components, consulting services, defence, energy, industrial equipment, logistics, real estate, retail, steel, commercial vehicles and two wheeler industries. The Automotive and Farm Equipment Business is the largest contributor of the Mahindra Group’s revenue. With 30,000+ full time employees spread across 20 locations, Mahindra has a strong presence in India. Further it propels an entire manufacturing ecosystem of 1,200 suppliers and 3,500 dealers, thereby creating direct and indirect employment for over 200,000 individuals. Our Farm Equipment business is the number 1 tractor company in the world by volume. In addition to our focus on maintaining a leading position in the core tractor mechanization business, we strive to deliver on our aspiration of “Farm Tech Prosperity” thus enabling our customers and our communities to RISE. Our Automotive business is a full-range mobility player with a presence in almost every segment of the automobile industry. Our product portfolio ranges from world class SUVs, premium luxury UVs, sedans, pick-ups, light, medium and heavy commercial vehicles to three-wheelers. All these cater to a diverse customer base spanning across rural and semi-urban customers. Leveraging our growing dominance, domestic & international market penetration and recent strategic acquisitions, we aim to provide world class exeperience to our customers and team members.
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] A.I CyberSecurity Scoring
MML[FEB Risk Score (AI oriented)Between 800 and 849
MML[FEB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MML[FEB Global Score (TPRM)XXXX
MML[FEB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MML[FEB Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Tech Mahindra
Data Leak
Rankiteo Explanation
Attack limited on finance or reputation
Description: Singapore’s privacy watchdog fined Tech Mahindra $10,000 after it failed to protect the personal details of 2.78 million Singtel customers from unauthorised changes. Because this incident inadvertently caused the personal data of one customer to be leaked online. The incident was reported after the customers noticed someone else’s NRIC number, account number and billing address on the My Singtel app and the telco’s website.
MML[FEB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MML[FEB
Incidents vs Motor Vehicle Manufacturing Industry Average (This Year)
No incidents recorded for Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] in 2025.
Incident Types MML[FEB vs Motor Vehicle Manufacturing Industry Avg (This Year)
No incidents recorded for Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] in 2025.
Incident History — MML[FEB (X = Date, Y = Severity)
MML[FEB cyber incidents detection timeline including parent company and subsidiaries
MML[FEB Company Subsidiaries
A USD 19.4 billion multinational group based in Mumbai, India, Mahindra provides employment opportunities to over 256,000 people across 100 countries. Mahindra operates in the key industries that drive economic growth, enjoying a leadership position in tractors, utility vehicles, information technology, financial services and vacation ownership. In addition, Mahindra enjoys a strong presence in the agribusiness, aerospace, components, consulting services, defence, energy, industrial equipment, logistics, real estate, retail, steel, commercial vehicles and two wheeler industries. The Automotive and Farm Equipment Business is the largest contributor of the Mahindra Group’s revenue. With 30,000+ full time employees spread across 20 locations, Mahindra has a strong presence in India. Further it propels an entire manufacturing ecosystem of 1,200 suppliers and 3,500 dealers, thereby creating direct and indirect employment for over 200,000 individuals. Our Farm Equipment business is the number 1 tractor company in the world by volume. In addition to our focus on maintaining a leading position in the core tractor mechanization business, we strive to deliver on our aspiration of “Farm Tech Prosperity” thus enabling our customers and our communities to RISE. Our Automotive business is a full-range mobility player with a presence in almost every segment of the automobile industry. Our product portfolio ranges from world class SUVs, premium luxury UVs, sedans, pick-ups, light, medium and heavy commercial vehicles to three-wheelers. All these cater to a diverse customer base spanning across rural and semi-urban customers. Leveraging our growing dominance, domestic & international market penetration and recent strategic acquisitions, we aim to provide world class exeperience to our customers and team members.
Loading...
MML[FEB Similar Companies
JLR
Every vehicle. Every innovation. Every bit of momentum in over 170 markets worldwide. None of it would be possible without the expertise, drive and continued ambition of our people. We’re proud of our heritage, but it’s our vision for the future that excites us most. Right across our business, ever
Honda Cars India Ltd
Honda Cars India Ltd. (HCIL), a leading manufacturer of premium cars in India, was established in December 1995 with a commitment to provide Honda’s passenger car models and technologies, to the Indian customers. HCIL’s corporate office is based in Greater Noida, UP and its state-of-the-art manufact
Tesla
Tesla is accelerating the world’s transition to sustainable abundance. To achieve our mission, we're building a world powered by solar, enabled by battery storage and transported by electric vehicles. We’re committed to hiring and developing top talent from around the world for any given disciplin
PACCAR
PACCAR is a global technology leader in the design, manufacture and customer support of premium light-, medium- and heavy-duty trucks under the Kenworth, Peterbilt and DAF nameplates. PACCAR also designs and manufactures advanced diesel engines, provides financial services, information technology, a
Freudenberg Group
Freudenberg is a global technology group that strengthens its customers and society long-term through forward-looking innovations. Together with its partners, customers and research institutions, the Freudenberg Group develops leading-edge technologies and excellent products and services for about 4
Scania Group
Scania is a world-leading provider of transport solutions committed to a better tomorrow. Our purpose is to drive the shift towards a sustainable transport system. In doing so, we are creating a world of mobility that’s better for business, society and our environment. Employing more than 50,000 pe
OPmobility
OPmobility is a world leader in sustainable mobility and a technology partner to mobility players worldwide. Driven by innovation since its creation in 1946, the Group is today composed of five complementary business groups that enable it to offer its customers a wide range of solutions: intelligent
Bridgestone Americas, Inc. (BSAM), headquartered in Nashville, Tennessee, and Bridgestone Europe, Middle East and Africa (BSEMEA), headquartered in Brussels, Belgium, operate collectively as a “Bridgestone West” strategic region. This region services the strategic business needs of teams across the
Motherson Group
Founded in 1975, Motherson is one of the world’s leading auto component makers, supplying OEMs globally from over 400 facilities in 44 countries spread across five continents with over 190,000 employees. Within the automotive industry, it is one of the leading global manufacturers of exterior rear
.png)
MML[FEB CyberSecurity News
December 08, 2025 09:03 AM
Reliance Industries Appoints Shrivallabha Kulkarni as Chief Digital Officer for Battery Business
Reliance Industries Limited has named Shrivallabha Kulkarni as Chief Digital Officer & Senior Vice President – Battery Business, a move.
November 04, 2025 08:00 AM
Mahindra & Mahindra Ltd (MAHMF) Q2 2026 Earnings Call Highlights: Strong Growth Across ...
Mahindra & Mahindra Ltd (MAHMF) reports robust revenue and profit growth, with significant gains in farm and auto sectors despite...
September 26, 2025 07:00 AM
Tapan Kumar Ghosh Appointed CEO of VinFast India
VinFast, the Vietnamese electric vehicle manufacturer, has announced the appointment of Tapan Kumar Ghosh as the Chief Executive Officer.
September 13, 2025 07:00 AM
Mahindra Tractors, Maharashtra Govt partner to launch skill development centre in Gadchiroli
Mahindra Tractors partners with Maharashtra Govt to launch a Skill Development Centre in Gadchiroli, empowering rural youth.
September 02, 2025 07:00 AM
Tata Motors Reports Global IT Security Incident at JLR Operations
JLR operates a complex global IT infrastructure spanning 128 sites worldwide. The company has undergone significant digital transformation...
August 27, 2025 07:00 AM
Anurag Garg Appointed as SVP & CIO at Welspun Enterprises Ltd
Welspun Enterprises Ltd has announced the appointment of Anurag Garg as Senior Vice President & Chief Information Officer (CIO).
August 16, 2025 07:00 AM
Mahindra Reveals Global SUV Strategy for 2027 with Four Bold Concept Models on New NU_IQ Platform
Mahindra & Mahindra Ltd, India's premier SUV manufacturer, has unveiled its Global Vision 2027, introducing the all-new NU_IQ platform — a...
August 01, 2025 07:00 AM
Mahindra & Mahindra Ltd (MAHMF) Q1 2026 Earnings Call Highlights: Strong Profit Growth and ...
Mahindra & Mahindra Ltd (MAHMF) reports a 24% rise in profit and significant market share expansion in the SUV segment, despite challenges...
December 08, 2023 08:00 AM
Mahindra Group Stocks: Best Mutual Funds with Substantial Exposure
The Mahindra Group began with the steel trading business seven decades ago and now has become a brand that traverses nations and sectors.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MML[FEB CyberSecurity History Information
Official Website of Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
The official website of Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is http://jobs.mahindracareers.com.
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s AI-Generated Cybersecurity Score
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s AI-generated cybersecurity score is 805, reflecting their Good security posture.
How many security badges does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’ have ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] have SOC 2 Type 1 certification ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is not certified under SOC 2 Type 1.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] have SOC 2 Type 2 certification ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] does not hold a SOC 2 Type 2 certification.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] comply with GDPR ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is not listed as GDPR compliant.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] have PCI DSS certification ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] does not currently maintain PCI DSS compliance.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] comply with HIPAA ?
According to Rankiteo, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is not compliant with HIPAA regulations.
Does Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] have ISO 27001 certification ?
According to Rankiteo,Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] operates primarily in the Motor Vehicle Manufacturing industry.
Number of Employees at Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] employs approximately 17,283 people worldwide.
Subsidiaries Owned by Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] presently has no subsidiaries across any sectors.
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s LinkedIn Followers
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s official LinkedIn profile has approximately 692,677 followers.
NAICS Classification of Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] is classified under the NAICS code 3361, which corresponds to Motor Vehicle Manufacturing.
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s Presence on Crunchbase
No, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] does not have a profile on Crunchbase.
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]’s Presence on LinkedIn
Yes, Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mahindraexperience.
Cybersecurity Incidents Involving Mahindra and Mahindra Limited [Automotive and Farm Equipment Business]
As of December 21, 2025, Rankiteo reports that Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] has an estimated 12,716 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
What was the total financial impact of these incidents on Mahindra and Mahindra Limited [Automotive and Farm Equipment Business] ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $10 thousand.
Incident Details
Can you provide details on each incident ?
Title: Tech Mahindra Data Leak Incident
Description: Singapore’s privacy watchdog fined Tech Mahindra $10,000 after it failed to protect the personal details of 2.78 million Singtel customers from unauthorised changes. The incident inadvertently caused the personal data of one customer to be leaked online. The incident was reported after the customers noticed someone else’s NRIC number, account number, and billing address on the My Singtel app and the telco’s website.
Type: Data Leak
Attack Vector: Unauthorized changes
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Leak TEC172301022
Financial Loss: Fined $10,000
Data Compromised: Personal details of 2.78 million Singtel customers
Systems Affected: My Singtel appSingtel’s website
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $10.00 thousand.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Nric Number, Account Number, Billing Address and .
Which entities were affected by each incident ?
Incident : Data Leak TEC172301022
Entity Name: Singtel
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: Singapore
Customers Affected: 2.78 million
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Leak TEC172301022
Type of Data Compromised: Nric number, Account number, Billing address
Number of Records Exposed: 2.78 million
Personally Identifiable Information: NRIC number, Account number, Billing address
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Leak TEC172301022
Fines Imposed: $10,000
Additional Questions
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was Fined $10,000.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal details of 2.78 million Singtel customers.
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was My Singtel appSingtel’s website.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal details of 2.78 million Singtel customers.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.8M.
Regulatory Compliance
What was the highest fine imposed for a regulatory violation ?
Highest Fine Imposed: The highest fine imposed for a regulatory violation was $10,000.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mahindraexperience' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
