ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions

MCH Group Company CyberSecurity Posture

mch-group.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

MCH Group, headquartered in Basel, Switzerland, is an internationally active experience marketing company with a comprehensive service network. It organizes around 30 community platforms in Switzerland and abroad, including Art Basel, Swissbau and Giardina. The Live Marketing Services division offers comprehensive experiential marketing solutions with its brands MCH Global, MC2, and Expomobilia. MCH Group also operates the Messe and Congress Center Basel and the Messe Zurich. Job opportunities at MCH Group: https://www.mch-group.com/en/employer/jobs-careers/ (please copy and paste the link into your browser)

MCH Group A.I CyberSecurity Scoring

MCH Group

Company Details

Linkedin ID:

mch-group-ltd-

Website:

https://www.mch-group.com

Employees number:

282

Number of followers:

10,374

NAICS:

7111

Industry Type:

Performing Arts

Homepage:

mch-group.com

IP Addresses:

0

Company ID:

MCH_2076610

Scan Status:

In-progress

AI scoreMCH Group Risk Score (AI oriented)

Between 700 and 749

https://images.rankiteo.com/companyimages/mch-group-ltd-.jpeg
MCH Group Performing Arts
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreMCH Group Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/mch-group-ltd-.jpeg
MCH Group Performing Arts
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

MCH Group Company CyberSecurity News & History

Past Incidents
1
Attack Types
1
EntityTypeSeverityImpactSeenBlog DetailsIncident DetailsView
MCH GroupRansomware100511/2021
MCH1558111122
Rankiteo Explanation :
Attack threatening the organization's existence

Description: Art Basel’s parent company, the MCH Group hit by a criminal cyber attack using malware in November 2021. The compromised information includes personal contact details” of customers, employees, and partners. Customers were encouraged by MCH Group to change any passwords related to the services and accounts of the company as well as any other accounts for which they shared the same password.

MCH Group
Ransomware
Severity: 100
Impact: 5
Seen: 11/2021
Blog:
MCH1558111122
Rankiteo Explanation
Attack threatening the organization's existence

Description: Art Basel’s parent company, the MCH Group hit by a criminal cyber attack using malware in November 2021. The compromised information includes personal contact details” of customers, employees, and partners. Customers were encouraged by MCH Group to change any passwords related to the services and accounts of the company as well as any other accounts for which they shared the same password.

Ailogo

MCH Group Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for MCH Group

Incidents vs Performing Arts Industry Average (This Year)

No incidents recorded for MCH Group in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for MCH Group in 2025.

Incident Types MCH Group vs Performing Arts Industry Avg (This Year)

No incidents recorded for MCH Group in 2025.

Incident History — MCH Group (X = Date, Y = Severity)

MCH Group cyber incidents detection timeline including parent company and subsidiaries

MCH Group Company Subsidiaries

SubsidiaryImage

MCH Group, headquartered in Basel, Switzerland, is an internationally active experience marketing company with a comprehensive service network. It organizes around 30 community platforms in Switzerland and abroad, including Art Basel, Swissbau and Giardina. The Live Marketing Services division offers comprehensive experiential marketing solutions with its brands MCH Global, MC2, and Expomobilia. MCH Group also operates the Messe and Congress Center Basel and the Messe Zurich. Job opportunities at MCH Group: https://www.mch-group.com/en/employer/jobs-careers/ (please copy and paste the link into your browser)

similarCompanies

MCH Group Similar Companies

Tulsa Ballet
tulsaballet.org

Regarded as one of the top ballet companies in North America and internationally recognized, Tulsa Ballet consistently brings the finest works of the classical and contemporary repertory to the Oklahoma stage, presenting the same works and sharing the same world-renowned choreographers with the top

Security Report Compare
Associated Controls + Design
acdtheatrical.com

Our services include: Design: we provide full-service design support for programming through close out. We work with owners, users, architects and engineers to shape the space and then to design and specify the equipment to go into it. This includes stage rigging, lighting, dimming, controls, stage

Security Report Compare
Milwaukee Public Theatre
milwaukeepublictheatre.org

access…diversity… imagination! Milwaukee Public Theatre’s philosophy plays out daily in the ways the company brings the healing power of the arts to individuals and the community. You will find MPT performers on stage, in the workplace, in the classroom, and out on the streets…making a creative di

Security Report Compare
Norton Healthcare Sports & Learning Center
nortonslc.com

Norton Healthcare Sports & Learning Center sits on the Louisville Urban League Sports & Learning Campus, a 24-acre, multi-sport complex located in Louisville’s Russell neighborhood that opened in February 2021. The campus hosts local, regional and national indoor and outdoor track meets, other sport

Security Report Compare
Youth Ballet of Saskatchewan
youthballet.com

Youth Ballet of Saskatchewan is both a dance school and a Pre-Professional Company. Youth Ballet is a non-profit organization that has been in operation since 1983. Alumni have danced with Canada's National Ballet School, Royal Winnipeg Ballet, Ballet BC, and Winnipeg Contemporary Dancers. The scho

Security Report Compare
Raymond F. Kravis Center for the Performing Arts
kravis.org

Founded in 1992, The Kravis Center is a multi-venue arts entertainment complex presenting world-class performances and a wide array of enriching arts education programs throughout the year located in the heart of the Arts and Entertainment District in downtown West Palm Beach. The Center has three p

Security Report Compare
newsone

MCH Group CyberSecurity News

August 07, 2024 07:00 AM
Making Science and the SOPEF Fund Will Invest up to 40 Million Euros in the Subsidiary Making Science Marketing & AdTech

Making Science Group, S.A. (BME Growth: MAKS), a leading digital marketing and technology company, today announced an agreement with the...

Read Article
September 15, 2022 07:00 AM
MC2 Appoints Don Lee as CEO

MC 2, an MCH Group company, has announced today its Chief Executive Officer, Richard McAdam, will retire from his role with Don Lee pegged as the company's...

Read Article
November 01, 2021 07:00 AM
Art Basel hit by cyber attack

Art Basel has been hit by a cyber attack, potentially exposing the personal details of thousands of the art fair's VIP visitors.

Read Article
October 29, 2021 07:00 AM
Wealthy art world warned after Art Basel hit by criminal cyberattack

Art Basel's MCH Group hit by criminal cyber-attack, warns people to be careful when dealing with unknown contacts.

Read Article
October 25, 2021 07:00 AM
Swiss exhibitions organizer MCH Group hit by cyber-attack

Investigations yet to confirm if any data was exfiltrated. Swiss events organizer and marketing company MCH Group was hit by a malware...

Read Article
May 07, 2020 07:00 AM
2021 Baselworld Watch And Jewelry Show Is Canceled

The MCH Group, which owns and operates the annual Baselworld jewelry and watch trade show, has canceled its 2021 fair in the wake of the coronavirus pandemic.

Read Article
faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

MCH Group CyberSecurity History Information

Official Website of MCH Group

The official website of MCH Group is https://www.mch-group.com.

MCH Group’s AI-Generated Cybersecurity Score

According to Rankiteo, MCH Group’s AI-generated cybersecurity score is 716, reflecting their Moderate security posture.

How many security badges does MCH Group’ have ?

According to Rankiteo, MCH Group currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does MCH Group have SOC 2 Type 1 certification ?

According to Rankiteo, MCH Group is not certified under SOC 2 Type 1.

Does MCH Group have SOC 2 Type 2 certification ?

According to Rankiteo, MCH Group does not hold a SOC 2 Type 2 certification.

Does MCH Group comply with GDPR ?

According to Rankiteo, MCH Group is not listed as GDPR compliant.

Does MCH Group have PCI DSS certification ?

According to Rankiteo, MCH Group does not currently maintain PCI DSS compliance.

Does MCH Group comply with HIPAA ?

According to Rankiteo, MCH Group is not compliant with HIPAA regulations.

Does MCH Group have ISO 27001 certification ?

According to Rankiteo,MCH Group is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of MCH Group

MCH Group operates primarily in the Performing Arts industry.

Number of Employees at MCH Group

MCH Group employs approximately 282 people worldwide.

Subsidiaries Owned by MCH Group

MCH Group presently has no subsidiaries across any sectors.

MCH Group’s LinkedIn Followers

MCH Group’s official LinkedIn profile has approximately 10,374 followers.

NAICS Classification of MCH Group

MCH Group is classified under the NAICS code 7111, which corresponds to Performing Arts Companies.

MCH Group’s Presence on Crunchbase

No, MCH Group does not have a profile on Crunchbase.

MCH Group’s Presence on LinkedIn

Yes, MCH Group maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mch-group-ltd-.

Cybersecurity Incidents Involving MCH Group

As of December 14, 2025, Rankiteo reports that MCH Group has experienced 1 cybersecurity incidents.

Number of Peer and Competitor Companies

MCH Group has an estimated 2,700 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at MCH Group ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.

How does MCH Group detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with customers were encouraged to change passwords, and communication strategy with customers were encouraged to change passwords..

Incident Details

Can you provide details on each incident ?

Incident : Data Breach, Malware

measurementExposure impactImpact

Title: MCH Group Cyber Attack

Description: Art Basel’s parent company, the MCH Group hit by a criminal cyber attack using malware in November 2021. The compromised information includes personal contact details of customers, employees, and partners. Customers were encouraged by MCH Group to change any passwords related to the services and accounts of the company as well as any other accounts for which they shared the same password.

Date Detected: November 2021

Type: Data Breach, Malware

Attack Vector: Malware

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common types of attacks the company has faced is Ransomware.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach, Malware MCH1558111122

Data Compromised: Personal contact details

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Contact Details and .

Which entities were affected by each incident ?

Incident : Data Breach, Malware MCH1558111122

Entity Name: MCH Group

Entity Type: Corporation

Industry: Art and Events

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach, Malware MCH1558111122

Remediation Measures: Customers were encouraged to change passwords

Communication Strategy: Customers were encouraged to change passwords

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach, Malware MCH1558111122

Type of Data Compromised: Personal contact details

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Customers were encouraged to change passwords, .

Lessons Learned and Recommendations

What recommendations were made to prevent future incidents ?

Incident : Data Breach, Malware MCH1558111122

Recommendations: Encourage customers to change passwords

Investigation Status

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Customers Were Encouraged To Change Passwords.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach, Malware MCH1558111122

Customer Advisories: Encourage customers to change passwords

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Encourage Customers To Change Passwords and .

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach, Malware MCH1558111122

Corrective Actions: Encourage Customers To Change Passwords,

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Encourage Customers To Change Passwords, .

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on November 2021.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were personal contact details and .

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach was personal contact details.

Lessons Learned and Recommendations

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Encourage customers to change passwords.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was an Encourage customers to change passwords.

cve

Latest Global CVEs (Not Company-Specific)

Description

A weakness has been identified in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown code of the file /pet1/addcnp.php. This manipulation of the argument cnpname causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the exploitability is difficult. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 2.6
Severity: HIGH
AV:N/AC:H/Au:N/C:N/I:P/A:N
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in code-projects Student File Management System 1.0. This issue affects some unknown processing of the file /admin/update_student.php. This manipulation of the argument stud_id causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/save_user.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php. The manipulation of the argument user_id leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

Published
Date
2025-12-13
Updated
Date
2025-12-13
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mch-group-ltd-' -H 'apikey: YOUR_API_KEY_HERE'
Try It API Documentation rapidRapid

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo
By Rankiteo
View on G2.com
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
View latest reports → View all security reports →
Users Love Us Badge