What is the official website of Mercer ?

The official website of Mercer is https://www.corporate.marsh.com/global/home.html.

What is Mercer's cybersecurity risk score?

Mercer has an AI-generated cybersecurity risk score of 785 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Mercer experienced?

According to Rankiteo, Mercer currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Mercer been affected by any supply chain cyber incidents ?

According to Rankiteo, Mercer has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Mercer have SOC 2 Type 1 certification ?

According to Rankiteo, Mercer is not certified under SOC 2 Type 1.

Does Mercer have SOC 2 Type 2 certification ?

According to Rankiteo, Mercer does not hold a SOC 2 Type 2 certification.

Does Mercer comply with GDPR ?

According to Rankiteo, Mercer is not listed as GDPR compliant.

Does Mercer have PCI DSS certification ?

According to Rankiteo, Mercer does not currently maintain PCI DSS compliance.

Does Mercer comply with HIPAA ?

According to Rankiteo, Mercer is not compliant with HIPAA regulations.

Does Mercer have ISO 27001 certification ?

According to Rankiteo,Mercer is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Mercer operate in ?

Mercer operates primarily in the Professional Services industry.

How many employees does Mercer have ?

Mercer employs approximately 22,066 people worldwide.

Does Mercer own any subsidiaries ?

Mercer presently has no subsidiaries across any sectors.

How many LinkedIn followers does Mercer have ?

Mercer's official LinkedIn profile has approximately 929,738 followers.

What is the NAICS classification code for Mercer ?

Mercer is classified under the NAICS code 54, which corresponds to Professional, Scientific, and Technical Services.

Does Mercer have a Crunchbase profile ?

No, Mercer does not have a profile on Crunchbase.

Does Mercer have a LinkedIn profile ?

Yes, Mercer maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mercer.

How many cybersecurity incidents has Mercer experienced ?

As of June 15, 2026, Rankiteo reports that Mercer has experienced 3 cybersecurity incidents.

How many peer or competitor companies does Mercer have ?

Mercer has an estimated 748 peer or competitor companies worldwide.

What types of cybersecurity incidents has Mercer faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Data Leak.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Mercer

Boost Score +25 with badge (5 left)

785

/1000

Fair

810

/1000

Good

Mercer Vendor Cyber Rating & Cyber Score

marsh.com

Add Your Compliance Badge

At Mercer, A Marsh business, we’re helping our clients realize their investment objectives, shape the future of work, and enhance health and retirement outcomes for their people. As a business of Marsh, for 80 years, we’ve been helping our clients, colleagues and communities build the confidence to thrive, creating healthier and more sustainable futures. Together with Marsh Risk, Guy Carpenter, and Oliver Wyman, we help organizations build resilience and competitive advantages from every angle. With annual revenue over $24 billion and more than 90,000 colleagues in 130 countries, Marsh helps build the confidence to thrive through the power of perspective.

Mercer A.I CyberSecurity Scoring

Scoring History

Mercer

Mercer CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Mercer

Data Leak

04/2021

MAR18242223

Mercer

Breach

1/2020

FIDLPLAMEMER177...

Mercer

Breach

6/2013

MAR307072525

Loading…

A.I.

Mercer Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Mercer

Incidents vs Professional Services Industry Avg (This Year)

No incidents recorded for Mercer in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Mercer in 2026.

Incident Types Mercer vs Professional Services Industry Avg (This Year)

No incidents recorded for Mercer in 2026.

Incident History - Mercer (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Mercer Subsidiaries

Mercer

Professional Services

Website: https://www.corporate.marsh.com/global/home.html

Company Size: 10,001+ employees

Marsh McLennanFinancial Services

Mercer UKProfessional Services

Mercer InvestmentsFinancial Services

Loading…

Mercer Similar Companies

SJ Group

sjgroup.com

SJ designs spaces and systems that unlock human potential, delivering connection and certainty on shifting ground. For over 75 years, SJ and its member companies have turned foresight into form and function through urban, infrastructure and managed services consulting. Through its business lines, it builds clarity into complexity, identity into infrastructure, character into skylines and insights into the future. SJ walks global expertise home in over 40 countries, with 16,000 specialists united by a culture of openness and excellence. As the next-generation partner for the built world, SJ pushes the boundaries of innovative design and technology — unlocking potential for Real impact, made together. The group continues a collective legacy of creating futures worth inheriting, meeting the needs of today and the aspirations of generations to come.

Sweco

swecogroup.com

Sweco is at the heart of the green transition - planning and designing the sustainable communities and cities of the future. Together with our clients and the collective knowledge of our 23,000 architects, engineers and other specialists, we co-create solutions to address urbanisation, capture the power of digitalisation, and make our societies more sustainable. Sweco is Europe’s leading engineering and architecture consultancy, with sales of approximately SEK 29 billion (EUR 2.5 billion). The company is listed on Nasdaq Stockholm.

EY

ey.com

EY is building a better working world by creating new value for clients, people, society, the planet, while building trust in the capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams in more than 150 countries work across a full spectrum of services in assurance, consulting, tax, strategy and transactions, strengthened by sector experience and diverse ecosystem partners. Find out more about the EY global network: http://ey.com/en_gl/legal-statement

PwC

cb pwc.com

At PwC, we help clients drive their companies to the leading edge. We’re a tech-forward, people-empowered network with more than 370,000 people in 149 countries. Across audit and assurance, tax and legal, deals and consulting we help build, accelerate and sustain momentum. Find out more at www.pwc.com. PwC: Audit and assurance, consulting and tax services PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Content on this page has been prepared for general information only and is not intended to be relied upon as accounting, tax or professional advice. Please reach out to your advisors for specific advice.

Arcadis

arcadis.com

Arcadis is a leading global partner, delivering transformative projects with businesses, cities and industries. With 36,000 people active in more than 30 countries, we bring together the best minds from around the world to deliver intelligent products and solutions that address the challenges of climate, energy security and diversification, and livable cities. We take design, engineering, architecture and consultancy to the next level, advising clients at every step of every project. From strategy and planning through to implementation and delivery, we combine our human and digital intelligence to co-create environments that reflect our clients’ business and stakeholder needs. From creating a citywide sustainable legacy during and after the Paris Olympics to revolutionizing urban transit worldwide with metro systems from Sydney to Toronto, or securing clean drinking water for communities across more than 30 U.S. states, our world-changing solutions leave a positive and lasting impact. Our work has helped more than a third of the world's communities become more resilient, and hundreds of clients to advance their decarbonization and net-zero goals. Together, we are committed to solving today's greatest problems; creating a blueprint for a better future, designed to thrive. Arcadis. Improving quality of life.

Allied Universal

cb aus.com

Allied Universal®, a leading security and facility services company, provides proactive security services and cutting-edge smart technology to deliver evolving, tailored solutions that allow clients to focus on their core business. Our excellence starts with our local leadership and local presence. In fact, in North America alone, we have an extensive network of offices to support our local communities and customers. We take pride in our extensive knowledge in a range of specialty sectors such as education, healthcare, retail, commercial real estate, government and corporate campuses, etc. We believe there is no greater purpose than serving and safeguarding customers, communities and people in today’s world. Allied Universal is There for you®.

WSP

wsp.com

We are one of the world’s leading professional services firms, uniting our engineering, advisory and science-based expertise to shape communities to advance humanity. From local beginnings to a globe-spanning presence today, we operate in over 50 countries and employ approximately 73,000 professionals, known as Visioneers. Together they pioneer solutions and deliver innovative projects across sectors: Transport & Infrastructure, Property & Buildings, Earth & Environment, Water, Power & Energy and Mining & Metals. Together let’s unlock potential everywhere. #WeAreWSP

Marsh

marsh.com

Marsh (NYSE: MRSH) is a global leader in risk, strategy and people, advising clients in 130 countries across four businesses: Marsh Risk, Guy Carpenter, Mercer and Oliver Wyman. With annual revenue over $24 billion and more than 90,000 colleagues, Marsh helps build the confidence to thrive through the power of perspective

Hatch

hatch.com

Our organization is passionately committed to the pursuit of a better world through positive change. We embrace your visions as our own and partner with you to develop better ideas that are smarter, more efficient, and innovative. Our global network of 10,000 professionals work on the world’s toughest challenges. Our corporate roots extend back more than a hundred years, and our experience spans over 150 countries around the world in the metals, energy, infrastructure, digital, and investments market sectors. We are employee-owned and independent—free to bring our best thinking to your business. Our exceptional, diverse teams combine vast engineering and business knowledge, working in partnership with our clients to develop market strategies, manage and optimize production, develop new game-changing technologies, and design and deliver complex capital projects. We work closely with the communities in which we serve to ensure that our solutions optimize environmental protection, economic prosperity, and cultural vibrancy. We want their businesses, ecosystems, and communities to thrive, both now and into the future. Our people are passionate about our corporate purpose and values. We believe in long-term relationships with our partners, and are committed to our clients’ lasting success. We are “entrepreneurs with a technical soul.”

Loading…

NEWS

Mercer CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 30, 2026 07:04 PM

RIA data breaches highlight rising cybersecurity risks for wealth firms

Mercer Advisors, Pathstone, EP Wealth and Hightower are among the RIAs that have suffered data breaches since the beginning of 2026.

Read Article

March 30, 2026 04:41 PM

Mercer Island schools adopt pair of textbooks

Among topics at the Mercer Island School District's board meeting March 26 were the adoption of two core curriculum textbooks for the next...

Read Article

March 24, 2026 09:32 PM

MIYFS Foundation recovers about $143K from fraud incident

After falling victim to a cyber fraud incident earlier this year, the Mercer Island Youth and Family Services (YFS) Foundation has recovered...

Read Article

March 17, 2026 07:00 AM

Secretary LaRose issues directive to strengthen election cybersecurity

Ohio Secretary of State Frank LaRose issued a directive on Tuesday, March 17, 2026, looking to strengthen cybersecurity protections in the...

Read Article

March 10, 2026 09:24 AM

DOL reveals updated enforcement projects for retirement plans

The Department of Labor recently announced updates to its national enforcement projects for ERISA plans.

Read Article

March 09, 2026 07:00 AM

New cybersecurity center launches in Hermitage

LindenPointe Development Corporation has just launched a brand-new, first-of-its-kind cybersecurity center in Hermitage located at 3580,...

Read Article

March 05, 2026 08:00 AM

MCCTC to provide free online cybersecurity training program thanks to grant

'Cybersecurity Essentials' is a free four-hour online course that offers a comprehensive introduction to cybersecurity including fundamental...

Read Article

March 03, 2026 08:00 AM

Mercer Advisors Hit by ShinyHunters Data Breach

Mercer Advisors faces class action lawsuit after ShinyHunters cybercrime group breached 5.7 million client records and published data.

Read Article

March 02, 2026 08:00 AM

Hackers Are Attacking Wealth Management Firms Including Mercer, Beacon Pointe. What’s at Risk.

Denver-based registered investment advisory firm Mercer Global Advisors is one of the latest wealth management firms targeted by...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…