MDL
Company Details
Linkedin ID:
maryland-department-of-labor
Website:
Employees number:
573
Number of followers:
17,506
NAICS:
92
Industry Type:
Homepage:
maryland.gov
IP Addresses:
0
Company ID:
MAR_6213997
Scan Status:
In-progress
Maryland Department of Labor Company CyberSecurity Posture
maryland.gov
The Maryland Department of Labor strives to create an equitable and inclusive Maryland where all residents have the opportunities and resources to attain financial stability, reach their career potential, and contribute to their communities; where businesses have access to capital and the skilled workforce they need to succeed; where workplaces are safe and well-regulated; and where the economy is resilient and growing. See our social media guidelines at https://labor.maryland.gov/aboutdllr/social-media-guidelines.shtml.
Maryland Department of Labor A.I CyberSecurity Scoring
MDL Risk Score (AI oriented)Between 750 and 799
MDL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MDL Global Score (TPRM)XXXX
MDL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MDL Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Maryland Department of Labor
Data Leak
Rankiteo Explanation
Attack limited on finance or reputation
Description: The names and Social Security numbers of 78,000 Marylanders were accessed by hackers who breached Maryland Department of Labor databases and the breach happened in April and involved data files from 2009, 2010, 2013 and 2014. State investigators have found no evidence that the personal information was downloaded. The files breached were stored on the Literacy Works Information System and an old unemployment insurance service database. Working with the Department of Labor, Maryland DoIT also notified law enforcement and retained an independent expert to investigate how the information was accessed. They worked with the Department of Labor to minimize the impact of this breach, and to prevent future misuse of state systems.
MDL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MDL
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Maryland Department of Labor in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Maryland Department of Labor in 2025.
Incident Types MDL vs Government Administration Industry Avg (This Year)
No incidents recorded for Maryland Department of Labor in 2025.
Incident History — MDL (X = Date, Y = Severity)
MDL cyber incidents detection timeline including parent company and subsidiaries
MDL Company Subsidiaries
The Maryland Department of Labor strives to create an equitable and inclusive Maryland where all residents have the opportunities and resources to attain financial stability, reach their career potential, and contribute to their communities; where businesses have access to capital and the skilled workforce they need to succeed; where workplaces are safe and well-regulated; and where the economy is resilient and growing. See our social media guidelines at https://labor.maryland.gov/aboutdllr/social-media-guidelines.shtml.
Loading...
MDL Similar Companies
Comunidad de Madrid
Si necesitas información general y especializada sobre los servicios públicos madrileños puedes llamar al teléfono de Atención al Ciudadano 012. En la Comunidad de Madrid estamos encantados de recibir comentarios y favorecer el diálogo, por eso te proponemos unas normas básicas de participación:
Ministero dell'Agricoltura, della Sovranità alimentare e delle Foreste
Il Ministero dell'Agricoltura, della Sovranità alimentare e delle Foreste (Masaf) si occupa dell'elaborazione e del coordinamento delle linee politiche agricole, agroalimentari, forestali, della pesca e dell’ippica a livello nazionale e internazionale. Rappresenta l'Italia in sede europea nelle cont
Belastingdienst
De organisatie bestaat uit diverse onderdelen, waaronder de Belastingdienst, Douane, Toeslagen, FIOD en enkele facilitaire organisaties. Met ruim 30.000 medewerkers werken we in kantoren die verspreid zijn over het hele land. Gezamenlijk heffen, innen en controleren we belastingen. Daarnaast zorgen
Nav
Nav er en viktig del av sikkerhetsnettet i velferdsstaten. Vi skal bidra til at flere kommer i arbeid og færre går på stønad, og samtidig sørge for at de som trenger det er sikra inntekt og økonomisk trygghet gjennom rett pengestøtte til rett tid. For å løse dette samfunnsoppdraget forvalter Nav om
UWV
Bij UWV werken we aan een samenleving waarin iedereen mee kan doen. We helpen mensen op weg bij het vinden of behouden van werk. In geval van ziekte kijken we wat iemand nog wél kan. En als werken niet mogelijk is, zorgt UWV snel voor inkomen. We geven op deskundige en efficiënte wijze uitvoering a
Ministry of Environment and Urbanism
MINISTRY of ENVIRONMENT and URBANISM (MEU) MAIN SERVICE UNITS ================== 1) General Directorate of Construction Works 2) General Directorate of Spatial Planning 3) General Directorate of Environmental Management 4) General Directorate of EIA, Permits and Control 5) General Directo
Department for Education
Help us achieve world-class education, training and care for everyone, whatever their background. Whether you're just starting out, or an experienced professional, we have what you are looking for. Jobs include administration, policy advisers, digital, finance, commercial specialists and many more
Government of Western Australia
Welcome to the official WA Government page where you can stay up to date on the latest information about Western Australia and WA government initiatives. Questions relating to a specific activity within the WA Government should be referred to the relevant Department or Minister’s Office for a re
City of Toronto
The City of Toronto is committed to fostering a positive and progressive workplace culture, and strives to build a workforce that reflects the citizens it serves. We are committed to building a high performing public service, with strong and effective leaders to enable service excellence, through hi
.png)
MDL CyberSecurity News
November 24, 2025 04:29 PM
With Crossed Wires and Late Funding, Some Call Ed Move to Labor a ‘Muddle’
State and district leaders predict further complications when the Labor Department starts managing $28 billion in K-12 funds.
November 13, 2025 08:00 AM
Maryland to use Anthropic AI to address child poverty, housing access
Some Maryland employees will use Anthropic's AI tools in an effort to reduce child poverty, improve housing access and streamline processes.
October 30, 2025 07:00 AM
Maryland Launches Cybersecurity Disclosure Program Covering State and Local Systems
Maryland has implemented a cybersecurity program giving security researchers a legal pathway to report cybersecurity vulnerabilities.
October 23, 2025 07:00 AM
Familiar With Maryland FAMLI? MDOL Reissues Proposed Regulations
Maryland Department of Labor MDOL reissues proposed regulations to implement the Family and Medical Leave Insurance FAMLI program,...
October 14, 2025 07:00 AM
Nonprofit, Bowie State partner to expand tech career pathways
The state's higher education commission and department of labor announced a partnership to expand tech career pathways.
October 13, 2025 07:00 AM
Maryland expands tech workforce training through Bowie State partnership
Through a new partnership, Maryland is working to grow its tech workforce. The Maryland Higher Education Commission and the Maryland...
October 11, 2025 07:00 AM
Maryland invests nearly $4 million in workforce training to meet in-demand career needs
ANNAPOLIS, MD—Governor Wes Moore this week announced a nearly $4 million investment in the Employment Advancement Right Now (EARN) Maryland...
October 10, 2025 07:00 AM
Bowie State University, CodePath and Maryland Agencies Partner to Expand Tech Career Pathways
Maryland Higher Education Commission and Maryland Department of Labor Facilitate New Opportunity for Students. Bowie State University...
October 10, 2025 07:00 AM
Gov. Wes Moore Invests $4 Million To Train Maryland Workers For High-Demand Careers
ANNAPOLIS, Md. — Governor Wes Moore today announced nearly $4 million in awards to help upskill Maryland's workforce for in-demand careers...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MDL CyberSecurity History Information
Official Website of Maryland Department of Labor
The official website of Maryland Department of Labor is http://www.labor.maryland.gov/.
Maryland Department of Labor’s AI-Generated Cybersecurity Score
According to Rankiteo, Maryland Department of Labor’s AI-generated cybersecurity score is 761, reflecting their Fair security posture.
How many security badges does Maryland Department of Labor’ have ?
According to Rankiteo, Maryland Department of Labor currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Maryland Department of Labor have SOC 2 Type 1 certification ?
According to Rankiteo, Maryland Department of Labor is not certified under SOC 2 Type 1.
Does Maryland Department of Labor have SOC 2 Type 2 certification ?
According to Rankiteo, Maryland Department of Labor does not hold a SOC 2 Type 2 certification.
Does Maryland Department of Labor comply with GDPR ?
According to Rankiteo, Maryland Department of Labor is not listed as GDPR compliant.
Does Maryland Department of Labor have PCI DSS certification ?
According to Rankiteo, Maryland Department of Labor does not currently maintain PCI DSS compliance.
Does Maryland Department of Labor comply with HIPAA ?
According to Rankiteo, Maryland Department of Labor is not compliant with HIPAA regulations.
Does Maryland Department of Labor have ISO 27001 certification ?
According to Rankiteo,Maryland Department of Labor is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Maryland Department of Labor
Maryland Department of Labor operates primarily in the Government Administration industry.
Number of Employees at Maryland Department of Labor
Maryland Department of Labor employs approximately 573 people worldwide.
Subsidiaries Owned by Maryland Department of Labor
Maryland Department of Labor presently has no subsidiaries across any sectors.
Maryland Department of Labor’s LinkedIn Followers
Maryland Department of Labor’s official LinkedIn profile has approximately 17,506 followers.
NAICS Classification of Maryland Department of Labor
Maryland Department of Labor is classified under the NAICS code 92, which corresponds to Public Administration.
Maryland Department of Labor’s Presence on Crunchbase
No, Maryland Department of Labor does not have a profile on Crunchbase.
Maryland Department of Labor’s Presence on LinkedIn
Yes, Maryland Department of Labor maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/maryland-department-of-labor.
Cybersecurity Incidents Involving Maryland Department of Labor
As of December 08, 2025, Rankiteo reports that Maryland Department of Labor has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Maryland Department of Labor has an estimated 11,418 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Maryland Department of Labor ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Maryland Department of Labor detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with independent expert, and .
Incident Details
Can you provide details on each incident ?
Title: Maryland Department of Labor Data Breach
Description: Hackers accessed the names and Social Security numbers of 78,000 Marylanders by breaching Maryland Department of Labor databases. The breach occurred in April and involved data files from 2009, 2010, 2013, and 2014. State investigators found no evidence that the personal information was downloaded. The files breached were stored on the Literacy Works Information System and an old unemployment insurance service database.
Date Detected: 2023-04-01
Type: Data Breach
Attack Vector: Database Breach
Threat Actor: Hackers
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach MAR1627323
Data Compromised: Names, Social security numbers
Systems Affected: Literacy Works Information SystemUnemployment Insurance Service Database
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach MAR1627323
Entity Name: Maryland Department of Labor
Entity Type: Government
Industry: Public Administration
Location: Maryland, USA
Customers Affected: 78000
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach MAR1627323
Third Party Assistance: Independent expert
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Independent expert.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach MAR1627323
Type of Data Compromised: Names, Social security numbers
Number of Records Exposed: 78000
Sensitivity of Data: High
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach MAR1627323
Investigation Status: Ongoing
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Independent expert.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Hackers.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-04-01.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Social Security numbers and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Literacy Works Information SystemUnemployment Insurance Service Database.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Independent expert.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers and Names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 780.0.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability has been found in TykoDev cherry-studio-TykoFork 0.1. This issue affects the function redirectToAuthorization of the file /.well-known/oauth-authorization-server of the component OAuth Server Discovery. Such manipulation of the argument authorizationUrl leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in code-projects Question Paper Generator up to 1.0. This vulnerability affects unknown code of the file /selectquestionuser.php. This manipulation of the argument subid causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used.
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected by this vulnerability is an unknown functionality of the file /dishsub.php. The manipulation of the argument item.name results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 3.3
Severity: LOW
AV:N/AC:L/Au:M/C:N/I:P/A:N
cvss3
Base: 2.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability has been found in alokjaiswal Hotel-Management-services-using-MYSQL-and-php up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f. Affected is an unknown function of the file /usersub.php of the component Request Pending Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:N/I:P/A:N
cvss3
Base: 3.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false of the component Web Administration Module. Executing manipulation can lead to unrestricted upload. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=maryland-department-of-labor' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
