MLE
Company Details
Linkedin ID:
mdlive-inc-
Website:
Employees number:
495
Number of followers:
20,716
NAICS:
62
Industry Type:
Homepage:
mdlive.com
IP Addresses:
0
Company ID:
MD _1169312
Scan Status:
In-progress
MD Live by Evernorth Company CyberSecurity Posture
mdlive.com
MD Live by Evernorth is a leading provider of virtual health care services in the U.S. with more than 60 million members nationwide. We work with our health plan, health system, and self-insured employer partners to give patients convenient and affordable access to the highest quality medical and behavioral health care, 24/7, from the comfort and safety of their homes. With a vision and passion for changing health care for the better, we are working to improve the patient experience, close the patient-provider accessibility gap, and bring providers opportunities to augment the services they currently offer. We imagine a new end-to-end care experience to complement – not replace – the way customers and patients interact with their existing providers to achieve: • Earlier identification and diagnosis of critical care needs • Faster and more seamless referrals to high-performing providers, including specialists and behavioral health • More convenient access to appropriate, affordable sites of service, and pharmaceutical fulfillment
MD Live by Evernorth A.I CyberSecurity Scoring
MLE Risk Score (AI oriented)Between 700 and 749
MLE
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MLE Global Score (TPRM)XXXX
MLE
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MLE Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
MDLIVE Medical Group, (DE) P.A.
Breach
Rankiteo Explanation
Attack without any consequences
Description: The Maine Office of the Attorney General reported a data breach involving MDLIVE Medical Group on October 20, 2022. The breach occurred between June 1, 2019, and August 31, 2022, potentially affecting 7,439 individuals, with 11 residing in Maine, due to inadvertent disclosure of personal information. Affected data included usernames and passwords; health information, financial information, and Social Security numbers were not disclosed.
MLE Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MLE
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for MD Live by Evernorth in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for MD Live by Evernorth in 2026.
Incident Types MLE vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for MD Live by Evernorth in 2026.
Incident History — MLE (X = Date, Y = Severity)
MLE cyber incidents detection timeline including parent company and subsidiaries
MLE Company Subsidiaries
MD Live by Evernorth is a leading provider of virtual health care services in the U.S. with more than 60 million members nationwide. We work with our health plan, health system, and self-insured employer partners to give patients convenient and affordable access to the highest quality medical and behavioral health care, 24/7, from the comfort and safety of their homes. With a vision and passion for changing health care for the better, we are working to improve the patient experience, close the patient-provider accessibility gap, and bring providers opportunities to augment the services they currently offer. We imagine a new end-to-end care experience to complement – not replace – the way customers and patients interact with their existing providers to achieve: • Earlier identification and diagnosis of critical care needs • Faster and more seamless referrals to high-performing providers, including specialists and behavioral health • More convenient access to appropriate, affordable sites of service, and pharmaceutical fulfillment
Loading...
MLE Similar Companies
Geisinger
Geisinger is among the nation’s leading providers of value-based care, serving 1.2 million people in urban and rural communities across Pennsylvania. Founded in 1915 by philanthropist Abigail Geisinger, the nonprofit system generates $10 billion in annual revenues across 126 care sites — including 1
Hospital Authority
The Hospital Authority (HA) is a statutory body established under the Hospital Authority Ordinance in 1990. We have been responsible for managing Hong Kong's public hospitals services since December 1991. We are accountable to the Hong Kong Special Administrative Region Government through the Secret
UnitedHealth Group is a health care and well-being company with a mission to help people live healthier lives and help make the health system work better for everyone. We are 340,000 colleagues in two distinct and complementary businesses working to help build a modern, high-performing health syste
Addus HomeCare
Addus HomeCare is one of the nation's largest and fastest growing providers of personal home care and support services. Since 1979, Addus has built an exceptional home care company through a commitment to improving the health and wellness of our clients and providing high-quality, cost-effective car
Novant Health
Novant Health is an integrated network of more than 850 locations, including 19 hospitals, more than 700 physician clinics and urgent care centers, outpatient facilities, and imaging and pharmacy services. This network supports a seamless and personalized healthcare experience for communities in Nor
Hospital Sisters Health System
Since 1875, the Hospital Sisters of St. Francis have been caring for patients in Illinois, Wisconsin and other locations in the United States and across the world. Today, Hospital Sisters Health System (HSHS) is a multi-institutional health care system that cares for patients in 14 communities in Il
Johnson & Johnson
At Johnson & Johnson, we believe health is everything. As a focused healthcare company, with expertise in Innovative Medicine and MedTech, we’re empowered to tackle the world’s toughest health challenges, innovate through science and technology, and transform patient care. All of this is possibl
UMass Memorial Health
UMass Memorial Health is the health and wellness partner of the people of Central Massachusetts. Through pain and pandemics, our commitment to our communities never wanes. We use knowledge and innovation to create breakthrough medicine, to create jobs, and to make life better for those we serve. We
NSW Health
With more than 170,000 staff and 228 hospitals, there are millions of ways we are enriching the health of the NSW community every day. In front of a patient, working in a kitchen, developing new treatments, or at a desk, each one of our staff is a vital member of the largest health organisat
.png)
MLE CyberSecurity News
January 02, 2024 08:00 AM
More hybrid virtual care and asynchronous telemedicine on the way for 2024
A telehealth expert offers a look at the year ahead, where he also sees more growth in virtual chronic care management and employer-based...
October 10, 2023 07:00 AM
Cigna buys digital health provider Bright.md
Cigna Group will pay an undisclosed sum for digital health company Bright.md, the companies announced in a news release Tuesday.
October 26, 2021 07:00 AM
Cigna expands access to covered telehealth services
The insurance company will also launch a "virtual-first" health plan for select employers, which will include a $0 copay for MDLIVE primary...
February 26, 2021 08:00 AM
Cigna’s Evernorth To Buy Telehealth Provider MDLive
Cigna's Evernorth healthcare services business will buy MDLive, a fast-growing provider of telehealth services that have taken off during the Covid-19 pandemic.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MLE CyberSecurity History Information
Official Website of MD Live by Evernorth
The official website of MD Live by Evernorth is http://www.mdlive.com.
MD Live by Evernorth’s AI-Generated Cybersecurity Score
According to Rankiteo, MD Live by Evernorth’s AI-generated cybersecurity score is 748, reflecting their Moderate security posture.
How many security badges does MD Live by Evernorth’ have ?
According to Rankiteo, MD Live by Evernorth currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has MD Live by Evernorth been affected by any supply chain cyber incidents ?
According to Rankiteo, MD Live by Evernorth has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does MD Live by Evernorth have SOC 2 Type 1 certification ?
According to Rankiteo, MD Live by Evernorth is not certified under SOC 2 Type 1.
Does MD Live by Evernorth have SOC 2 Type 2 certification ?
According to Rankiteo, MD Live by Evernorth does not hold a SOC 2 Type 2 certification.
Does MD Live by Evernorth comply with GDPR ?
According to Rankiteo, MD Live by Evernorth is not listed as GDPR compliant.
Does MD Live by Evernorth have PCI DSS certification ?
According to Rankiteo, MD Live by Evernorth does not currently maintain PCI DSS compliance.
Does MD Live by Evernorth comply with HIPAA ?
According to Rankiteo, MD Live by Evernorth is not compliant with HIPAA regulations.
Does MD Live by Evernorth have ISO 27001 certification ?
According to Rankiteo,MD Live by Evernorth is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of MD Live by Evernorth
MD Live by Evernorth operates primarily in the Hospitals and Health Care industry.
Number of Employees at MD Live by Evernorth
MD Live by Evernorth employs approximately 495 people worldwide.
Subsidiaries Owned by MD Live by Evernorth
MD Live by Evernorth presently has no subsidiaries across any sectors.
MD Live by Evernorth’s LinkedIn Followers
MD Live by Evernorth’s official LinkedIn profile has approximately 20,716 followers.
NAICS Classification of MD Live by Evernorth
MD Live by Evernorth is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
MD Live by Evernorth’s Presence on Crunchbase
Yes, MD Live by Evernorth has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/mdlive.
MD Live by Evernorth’s Presence on LinkedIn
Yes, MD Live by Evernorth maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mdlive-inc-.
Cybersecurity Incidents Involving MD Live by Evernorth
As of January 22, 2026, Rankiteo reports that MD Live by Evernorth has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
MD Live by Evernorth has an estimated 31,590 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at MD Live by Evernorth ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: MDLIVE Medical Group Data Breach
Description: The Maine Office of the Attorney General reported a data breach involving MDLIVE Medical Group on October 20, 2022. The breach occurred between June 1, 2019, and August 31, 2022, potentially affecting 7,439 individuals, with 11 residing in Maine, due to inadvertent disclosure of personal information. Affected data included usernames and passwords; health information, financial information, and Social Security numbers were not disclosed.
Date Detected: October 20, 2022
Date Publicly Disclosed: October 20, 2022
Type: Data Breach
Attack Vector: Inadvertent Disclosure
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach MDL755072625
Data Compromised: Usernames, Passwords
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Usernames, Passwords and .
Which entities were affected by each incident ?
Incident : Data Breach MDL755072625
Entity Name: MDLIVE Medical Group
Entity Type: Healthcare
Industry: Healthcare
Customers Affected: 7439
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach MDL755072625
Type of Data Compromised: Usernames, Passwords
Number of Records Exposed: 7439
References
Where can I find more information about each incident ?
Incident : Data Breach MDL755072625
Source: Maine Office of the Attorney General
Date Accessed: October 20, 2022
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney GeneralDate Accessed: October 20, 2022.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on October 20, 2022.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on October 20, 2022.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were usernames, passwords and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were usernames and passwords.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 752.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mdlive-inc-' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
