MCMCF
Company Details
Linkedin ID:
mcmcf
Website:
Employees number:
45
Number of followers:
62
NAICS:
62
Industry Type:
Homepage:
mqtcmcf.org
IP Addresses:
0
Company ID:
MAR_2232405
Scan Status:
In-progress
Marquette County Medical Care Facility Company CyberSecurity Posture
mqtcmcf.org
The Marquette County Medical Care Facility provides a family oriented environment, where people both young and old can share their lives together. Whether you or your family member are in need of long-term care, or short-term recovery care, Marquette County Medical Care Facility is here to support your quality of life goals.
Marquette County Medical Care Facility A.I CyberSecurity Scoring
MCMCF Risk Score (AI oriented)Between 700 and 749
MCMCF
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MCMCF Global Score (TPRM)XXXX
MCMCF
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MCMCF Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Marquette County Medical Care Facility: Marquette County Medical Care Facility discloses data breach – DataBreaches.Net
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Marquette County Medical Care Facility Hit by Business Email Compromise in March 2025 In March 2025, Marquette County Medical Care Facility (MCMCF), a 140-bed healthcare provider in Michigan, disclosed a business email compromise (BEC) incident affecting its Human Resources director’s Microsoft Office 365 account. The breach was detected on March 3, 2025, after contacts began receiving phishing emails from the compromised account. The exposed data may have included names, Social Security numbers, dates of birth, protected health information (PHI), and bank details, though it remains unclear whether the incident impacted only employees or also extended to patient records. MCMCF operates a long-term care and rehabilitation facility, including a specialized unit for individuals with dementia. While the facility’s press release did not mention free mitigation services for affected individuals, it established a dedicated helpline (1-833-998-7185) for inquiries, available Monday through Friday from 8:00 a.m. to 8:00 p.m. EST. The full scope of the breach and its impact on operations have not been detailed.
MCMCF Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MCMCF
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Marquette County Medical Care Facility in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Marquette County Medical Care Facility in 2026.
Incident Types MCMCF vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Marquette County Medical Care Facility in 2026.
Incident History — MCMCF (X = Date, Y = Severity)
MCMCF cyber incidents detection timeline including parent company and subsidiaries
MCMCF Company Subsidiaries
The Marquette County Medical Care Facility provides a family oriented environment, where people both young and old can share their lives together. Whether you or your family member are in need of long-term care, or short-term recovery care, Marquette County Medical Care Facility is here to support your quality of life goals.
Loading...
MCMCF Similar Companies
Region Hovedstaden
Det handler om liv. Om at bringe liv til verden og skabe livskvalitet. Om at redde liv og forbedre liv. Som medarbejder i Region Hovedstaden træder du ind i en verden af muligheder og mangfoldighed med plads til dine ambitioner. Du er en del af et stærkt fagligt miljø, hvor vi har fingeren på pulsen
St. Luke's Health System
As the only Idaho-based, not-for-profit health system, St. Luke’s Health System is dedicated to our mission “To improve the health of people in the communities we serve.” Today that means not only treating you when you’re sick or hurt, but doing everything we can to help you be as healthy as possibl
NMC Healthcare
NMC Healthcare is one of the largest private healthcare networks in the United Arab Emirates. Since 1975, we have provided high quality, personalised, and compassionate care to our patients and are proud to have earned the trust of millions of people in the UAE and around the world. ---------------
NYC Health + Hospitals
NYC Health + Hospitals is the nation’s largest public health care delivery system. We are an integrated network of hospitals, trauma centers, neighborhood health centers, nursing homes, and post-acute care centers. We are a home care agency and a health plan, MetroPlus. The health system provides es
OSF HealthCare
OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF e
Health Service Executive
Our purpose is to provide safe, high quality health and personal social services to the population of Ireland. Our vision is a healthier Ireland with a high quality health service valued by all. Our Workforce The health service is the largest employer in the state with over 110,000 whole time equ
Penn Medicine is a world leader in academic medicine, setting the standard for cutting-edge research, compassionate patient care, and the education of future health care professionals. From founding the nation’s first hospital and medical school to pioneering Nobel Prize-winning mRNA vaccines and li
Johns Hopkins Medicine
Johns Hopkins Medicine is a governing structure for the University’s School of Medicine and the health system, coordinating their research, teaching, patient care, and related enterprises. The Johns Hopkins Hospital opened in 1889, followed four years later by the university’s School of Medicine
UnitedHealth Group is a health care and well-being company with a mission to help people live healthier lives and help make the health system work better for everyone. We are 340,000 colleagues in two distinct and complementary businesses working to help build a modern, high-performing health syste
.png)
MCMCF CyberSecurity News
October 16, 2025 07:00 AM
My UP Investigates: Did Marquette Co. fire whistleblower, put police data at risk? | Local News
MARQUETTE, Mich. (WJMN/WBUP) — A former Marquette County employee claims to be a whistleblower and is suing for his job back.
June 27, 2025 07:00 AM
Mainline Health Systems Reports 101,000-Record Data Breach
Data breaches have been confirmed by Mainline Health Systems, Tallahassee Memorial Healthcare, Rural Health Services, Marquette County Medical Care Facility.
September 03, 2017 11:36 AM
HIPAA Breach News
Our HIPAA breach news section covers HIPAA breaches such as unauthorized disclosures of protected health information (PHI), improper disposal of PHI.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MCMCF CyberSecurity History Information
Official Website of Marquette County Medical Care Facility
The official website of Marquette County Medical Care Facility is http://www.mqtcmcf.org.
Marquette County Medical Care Facility’s AI-Generated Cybersecurity Score
According to Rankiteo, Marquette County Medical Care Facility’s AI-generated cybersecurity score is 710, reflecting their Moderate security posture.
How many security badges does Marquette County Medical Care Facility’ have ?
According to Rankiteo, Marquette County Medical Care Facility currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Marquette County Medical Care Facility been affected by any supply chain cyber incidents ?
According to Rankiteo, Marquette County Medical Care Facility has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Marquette County Medical Care Facility have SOC 2 Type 1 certification ?
According to Rankiteo, Marquette County Medical Care Facility is not certified under SOC 2 Type 1.
Does Marquette County Medical Care Facility have SOC 2 Type 2 certification ?
According to Rankiteo, Marquette County Medical Care Facility does not hold a SOC 2 Type 2 certification.
Does Marquette County Medical Care Facility comply with GDPR ?
According to Rankiteo, Marquette County Medical Care Facility is not listed as GDPR compliant.
Does Marquette County Medical Care Facility have PCI DSS certification ?
According to Rankiteo, Marquette County Medical Care Facility does not currently maintain PCI DSS compliance.
Does Marquette County Medical Care Facility comply with HIPAA ?
According to Rankiteo, Marquette County Medical Care Facility is not compliant with HIPAA regulations.
Does Marquette County Medical Care Facility have ISO 27001 certification ?
According to Rankiteo,Marquette County Medical Care Facility is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Marquette County Medical Care Facility
Marquette County Medical Care Facility operates primarily in the Hospitals and Health Care industry.
Number of Employees at Marquette County Medical Care Facility
Marquette County Medical Care Facility employs approximately 45 people worldwide.
Subsidiaries Owned by Marquette County Medical Care Facility
Marquette County Medical Care Facility presently has no subsidiaries across any sectors.
Marquette County Medical Care Facility’s LinkedIn Followers
Marquette County Medical Care Facility’s official LinkedIn profile has approximately 62 followers.
NAICS Classification of Marquette County Medical Care Facility
Marquette County Medical Care Facility is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Marquette County Medical Care Facility’s Presence on Crunchbase
No, Marquette County Medical Care Facility does not have a profile on Crunchbase.
Marquette County Medical Care Facility’s Presence on LinkedIn
Yes, Marquette County Medical Care Facility maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mcmcf.
Cybersecurity Incidents Involving Marquette County Medical Care Facility
As of January 24, 2026, Rankiteo reports that Marquette County Medical Care Facility has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Marquette County Medical Care Facility has an estimated 31,616 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Marquette County Medical Care Facility ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Marquette County Medical Care Facility detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with dedicated toll-free helpline (1-833-998-7185, monday through friday, 8:00 a.m. to 8:00 p.m. est)..
Incident Details
Can you provide details on each incident ?
Title: Marquette County Medical Care Facility Business Email Compromise Incident
Description: Marquette County Medical Care Facility (MCMCF) discovered a business email compromise incident on March 3, 2025, when contacts of MCMCF’s Human Resources director began receiving phishing emails from her Microsoft Office 365 (O365) account. The incident involved unauthorized access to sensitive information including names, social security numbers, dates of birth, protected health information, and bank details.
Date Detected: 2025-03-03
Date Publicly Disclosed: 2025-03
Type: Business Email Compromise (BEC)
Attack Vector: Phishing
Vulnerability Exploited: Compromised Microsoft Office 365 account
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Microsoft Office 365 account.
Impact of the Incidents
What was the impact of each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Data Compromised: Names, social security numbers, dates of birth, protected health information, bank details
Systems Affected: Microsoft Office 365 (O365) account
Identity Theft Risk: High
Payment Information Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (Pii), Protected Health Information (Phi), Financial Information and .
Which entities were affected by each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Entity Name: Marquette County Medical Care Facility (MCMCF)
Entity Type: Healthcare Facility
Industry: Healthcare
Location: Marquette County
Size: 140-bed facility
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Communication Strategy: Dedicated toll-free helpline (1-833-998-7185, Monday through Friday, 8:00 a.m. to 8:00 p.m. EST)
Data Breach Information
What type of data was compromised in each breach ?
Incident : Business Email Compromise (BEC) MCM1767852088
Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi), Financial information
Sensitivity of Data: High
Personally Identifiable Information: Names, social security numbers, dates of birth
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Regulations Violated: HIPAA,
References
Where can I find more information about each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Source: MCMCF Press Release
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: MCMCF Press Release.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Dedicated toll-free helpline (1-833-998-7185, Monday through Friday and 8:00 a.m. to 8:00 p.m. EST).
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Customer Advisories: Dedicated toll-free helpline provided for affected individuals
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Dedicated toll-free helpline provided for affected individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Business Email Compromise (BEC) MCM1767852088
Entry Point: Compromised Microsoft Office 365 account
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-03-03.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-03.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, social security numbers, dates of birth, protected health information and bank details.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, social security numbers, dates of birth, protected health information and bank details.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is MCMCF Press Release.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Dedicated toll-free helpline provided for affected individuals.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Compromised Microsoft Office 365 account.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mcmcf' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
