
At Merck, known as MSD outside of the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important medicines and vaccines. We aspire to be the premier research-intensive biopharmaceutical company in the world – and today, we are at the forefront of research to deliver innovative health solutions that advance the prevention and treatment of diseases in people and animals. We foster a diverse and inclusive global workforce and operate responsibly every day to enable a safe, sustainable and healthy future for all people and communities. For more information, visit www.merck.com. This site is intended for residents of the United States and Canada and their territories only. FLS: http://merck.us/3TKXNuZ

Merck A.I CyberSecurity Scoring

Merck

Company Details

LinkedIn ID: merck
Number of employees: 42,297
Number of followers: 2,549,401
NAICS: 3254
Industry Type: Pharmaceutical Manufacturing
Homepage: merck.com
IP Addresses: 0
Company ID: MER_3024671
Scan Status: In-progress

Merck Risk Score (AI oriented)

Between 800 and 849

Merck Pharmaceutical Manufacturing
  • Powered by our proprietary A.I cyber incident model
  • Insurance prefers TPRM score to calculate premium
Merck Global Score (TPRM)

XXXX

Merck Pharmaceutical Manufacturing
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Merck Company CyberSecurity News & History

Past Incidents: 2
Attack Types: 2

Merck Sharp & Dohme LLC (Merck)
Type: Breach
Severity: 60
Impact: 3
Seen: 9/2025
Rankiteo Explanation: Attack with significant impact with internal employee data leaks

Description: On September 22, 2025, Merck, a New Jersey-based pharmaceutical company, was alerted that its third-party service provider, Graebel Companies, suffered a **data breach** exposing sensitive personal and financial information of current and former employees. The compromised data includes **names, dates of birth, addresses, phone numbers, Social Security numbers, and financial account details**, heightening risks of identity theft and fraud. The breach was formally disclosed to the Massachusetts Attorney General’s office on November 17, 2025, though the exact number of affected individuals remains undetermined. Merck collaborated with Graebel to contain the incident, strengthen security measures, and notify impacted employees. As a remedial step, Merck is providing **24 months of complimentary credit monitoring and identity theft protection** via TransUnion. The exposure of **personally identifiable information (PII) and financial records**—particularly through a third-party vendor—underscores vulnerabilities in supply chain cybersecurity and the potential for long-term reputational and financial harm to both employees and the company.

Merck
Type: Cyber Attack
Severity: 90
Impact: 5
Seen: 06/2017
Rankiteo Explanation: Attack threatening the organization's existence

Description: The computer systems of Science and Technology company Merck were targeted in a sophisticated cyber-attack. The company immediately took preventive steps to contain the attack and informed its employees to disconnect mobile phones from the network.


Underwriter Stats for Merck

Incidents vs Pharmaceutical Manufacturing Industry Average (This Year)

Merck has 25.0% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Merck has 29.87% more incidents than the average of all companies with at least one recorded incident.

Incident Types Merck vs Pharmaceutical Manufacturing Industry Avg (This Year)

Merck reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.

Incident History — Merck (X = Date, Y = Severity)

Merck cyber incidents detection timeline including parent company and subsidiaries


Merck Similar Companies

MANKIND PHARMA LTD

Mankind Pharma, one of the top 5 leading pharmaceutical companies in India, started its journey in 1995. Today, we have an employee base of over 20,000 and are racing towards $1 Billion. At Mankind, we aspire to aid the community in leading a healthy life by formulating, developing, commercializing,

Intas Pharmaceuticals

Intas is one of the leading multinational pharmaceutical formulation development, manufacturing, and marketing organization in the world. It has been growing at 19% CAGR and crossed the $2.5 billion mark in the past financial year. The company has set up a network of subsidiaries, under the name Acc

Astellas Pharma

Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneer

Fresenius Kabi

As a global healthcare company, Fresenius Kabi is Committed to Life. The company’s products, technologies, and services are used for the therapy and care of critically and chronically ill patients. With over 41,000 employees and present in over 100 countries, Fresenius Kabi’s expansive product portf

Zoetis

The world’s leading animal health company. Zoetis is driven by a singular purpose: to nurture our world and humankind by advancing care for animals. We’ve been innovating ways to predict, prevent, detect, and treat animal illness for over 70 years, and we continue to stand by those raising and cari

At UCB, we believe everyone deserves to live the best life they can - as free as possible from the challenges and uncertainty of disease. Our purpose is to support people living with severe central nervous system and immunological conditions by delivering meaningful solutions that go beyond medicine

Takeda

We strive to transform lives. While the science we advance is constantly evolving, our core purpose is enduring. For more than two centuries, our values have guided us to do what’s right for patients and for society. We know that changing lives requires us to do things differently. We start by list

Grifols

Grifols is a global healthcare company founded in Barcelona in 1909 committed to improving the health and well-being of people all over the world. A leader in essential plasma-derived medicines and transfusion medicine, we develop, produce and provide innovative healthcare services and solutions i

The Janssen Pharmaceutical Companies of Johnson & Johnson

At Janssen, we never stop working toward a future where disease is a thing of the past. We’re the Pharmaceutical Companies of Johnson & Johnson, and you can count on us to keep working tirelessly to make that future a reality for patients everywhere, by fighting sickness with science, improving ac


Merck CyberSecurity News

November 17, 2025 11:15 PM
Merck Data Breach Lawsuit Investigation

If you were affected by the Merck data breach, you may be entitled to compensation.

November 14, 2025 08:00 AM
Wall Street Breakfast Podcast: Merck Talks Send Cidara Soaring

Merck seen nearing acquisition of Cidara Therapeutics in deal potentially above $3.3 billion. U.S., Argentina to open markets to key...

October 13, 2025 07:00 AM
Women CFOs Outperform. Here’s How Humana And Merck Prove It

Boards seeking consistent returns and strategic innovation might not need to look outside the organization for their next growth driver.

August 12, 2025 07:00 AM
DEEP and Merck launch strategic partnership to strengthen Europe’s cybersecurity

DEEP and Merck launch strategic partnership to strengthen Europe's cybersecurity. Martha Ihlbrock Corporate Communications

July 16, 2025 07:00 AM
How This New Biotech Billionaire Outmaneuvered Merck In China

Michelle Xia gained experience at U.S. pharmaceutical firms before launching her own biotech company back home in China.

July 11, 2025 07:00 AM
Merck's Verona Acquisition: Plugging A $4B Hole In A $20B Gap

Merck's recent acquisition announcement sends a strong signal regarding its urgency to tackle the impending Keytruda patent cliff.

July 05, 2025 09:14 PM
Merck Group and Versum Materials begin a new growth story

Read how FTI Consulting provided strategic and legal support on a pro bono project to establish a special international tribunal for Ukraine.

June 27, 2025 07:00 AM
40% Upside For Merck Stock?

Merck's upside potential depends on its capability to execute across several vital areas: successfully moving its pipeline forward, expanding into new regions,...

June 02, 2025 07:00 AM
Merck Stock’s Ticking Keytruda Time Bomb

Merck's (NYSE:MRK) top-selling drug – Keytruda's – impressive recent growth tells a compelling story, but it's one with a predictable ending...


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Merck CyberSecurity History Information

Official Website of Merck

The official website of Merck is http://merck.us/2J2xAUh.

Merck’s AI-Generated Cybersecurity Score

According to Rankiteo, Merck’s AI-generated cybersecurity score is 801, reflecting their Good security posture.

How many security badges does Merck have?

According to Rankiteo, Merck currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Merck have SOC 2 Type 1 certification ?

According to Rankiteo, Merck is not certified under SOC 2 Type 1.

Does Merck have SOC 2 Type 2 certification ?

According to Rankiteo, Merck does not hold a SOC 2 Type 2 certification.

Does Merck comply with GDPR ?

According to Rankiteo, Merck is not listed as GDPR compliant.

Does Merck have PCI DSS certification ?

According to Rankiteo, Merck does not currently maintain PCI DSS compliance.

Does Merck comply with HIPAA ?

According to Rankiteo, Merck is not compliant with HIPAA regulations.

Does Merck have ISO 27001 certification ?

According to Rankiteo, Merck is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Merck

Merck operates primarily in the Pharmaceutical Manufacturing industry.

Number of Employees at Merck

Merck employs approximately 42,297 people worldwide.

Subsidiaries Owned by Merck

Merck presently has no subsidiaries across any sectors.

Merck’s LinkedIn Followers

Merck’s official LinkedIn profile has approximately 2,549,401 followers.

NAICS Classification of Merck

Merck is classified under the NAICS code 3254, which corresponds to Pharmaceutical and Medicine Manufacturing.

Merck’s Presence on Crunchbase

No, Merck does not have a profile on Crunchbase.

Merck’s Presence on LinkedIn

Yes, Merck maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/merck.

Cybersecurity Incidents Involving Merck

As of December 13, 2025, Rankiteo reports that Merck has experienced 2 cybersecurity incidents.

Number of Peer and Competitor Companies

Merck has an estimated 5,425 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Merck ?

Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Breach.

How does Merck detect and respond to cybersecurity incidents ?

Detection and Response: The company's recorded response measures are: containment by disconnecting mobile phones from the network; third-party assistance through collaboration with Graebel Companies; containment measures implemented by Graebel Companies; remediation through enhanced security protocols by Graebel; and a communication strategy of direct communication with affected individuals.

Incident Details

Can you provide details on each incident ?

Incident : Cyber-Attack

Title: Cyber-Attack on Merck

Description: The computer systems of Science and Technology company Merck were targeted in a sophisticated cyber-attack.

Type: Cyber-Attack

Incident : Data Breach (Third-Party)

Title: Data Breach at Merck via Third-Party Service Provider Graebel Companies

Description: On Sept. 22, 2025, Merck Sharp & Dohme LLC (Merck) was notified that its U.S.-based service provider, Graebel Companies, experienced a data breach exposing sensitive personal information of current and former Merck employees. The breach was disclosed to the Massachusetts Attorney General’s office on Nov. 17, 2025. Compromised data may include names, dates of birth, addresses, phone numbers, Social Security numbers, and financial account information, putting individuals at risk for identity theft and fraud.

Date Detected: 2025-09-22

Date Publicly Disclosed: 2025-11-17

Type: Data Breach (Third-Party)

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Data Compromised: Names, Dates of birth, Addresses, Phone numbers, Social security numbers, Financial account information

Brand Reputation Impact: Potential reputational harm due to exposure of sensitive employee data

Identity Theft Risk: High (due to exposure of PII and financial information)

Payment Information Risk: High (financial account information exposed)

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (PII) and Financial Information.

Which entities were affected by each incident ?

Incident : Cyber-Attack MER1502422

Entity Name: Merck

Entity Type: Company

Industry: Science and Technology

Incident : Data Breach (Third-Party) MER3502435111825

Entity Name: Merck Sharp & Dohme LLC

Entity Type: Pharmaceutical Company

Industry: Healthcare/Pharmaceutical

Location: New Jersey, USA

Incident : Data Breach (Third-Party) MER3502435111825

Entity Name: Graebel Companies

Entity Type: Service Provider

Industry: Relocation/Logistics

Location: USA

Customers Affected: Current and former Merck employees (number unknown, potentially significant)

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Cyber-Attack MER1502422

Containment Measures: Disconnect mobile phones from the network

Incident : Data Breach (Third-Party) MER3502435111825

Incident Response Plan Activated: True

Third Party Assistance: Collaboration with Graebel Companies

Containment Measures: Implemented by Graebel Companies

Remediation Measures: Enhanced security protocols by Graebel

Communication Strategy: Direct communication with affected individuals

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Collaboration with Graebel Companies.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach (Third-Party) MER3502435111825

Type of Data Compromised: Personally identifiable information (PII), Financial information

Number of Records Exposed: Unknown (potentially significant)

Sensitivity of Data: High (includes SSNs and financial account information)

Personally Identifiable Information: Names, Dates of birth, Addresses, Phone numbers, Social Security numbers

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Enhanced security protocols by Graebel.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through containment measures: disconnecting mobile phones from the network, and measures implemented by Graebel Companies.

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Regulatory Notifications: Disclosed to Massachusetts Attorney General’s office

Lessons Learned and Recommendations

What recommendations were made to prevent future incidents ?

Incident : Data Breach (Third-Party) MER3502435111825

Recommendations: Monitor credit and financial accounts for suspicious activity, Enroll in complimentary credit monitoring and identity theft protection services (provided by TransUnion for 24 months)

References

Where can I find more information about each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Source: Massachusetts Attorney General’s Office Disclosure

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: Massachusetts Attorney General’s Office Disclosure.

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Investigation Status: Ongoing (scope and full impact not yet determined)

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Direct communication with affected individuals.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Stakeholder Advisories: Direct notifications sent to affected individuals

Customer Advisories: Public disclosure via regulatory notification; individual notifications sent to affected employees

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Direct notifications sent to affected individuals and Public disclosure via regulatory notification; individual notifications sent to affected employees.

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Breach (Third-Party) MER3502435111825

Corrective Actions: Enhanced security protocols by Graebel Companies, Credit monitoring and identity theft protection services for affected individuals

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Collaboration with Graebel Companies.

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Enhanced security protocols by Graebel Companies, and Credit monitoring and identity theft protection services for affected individuals.

Additional Questions

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2025-09-22.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-11-17.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Names, Dates of birth, Addresses, Phone numbers, Social Security numbers and Financial account information.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Collaboration with Graebel Companies.

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Disconnect mobile phones from the network and Implemented by Graebel Companies.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, Phone numbers, Dates of birth, Financial account information, Addresses and Names.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.

Lessons Learned and Recommendations

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Enroll in complimentary credit monitoring and identity theft protection services (provided by TransUnion for 24 months) and Monitor credit and financial accounts for suspicious activity.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is Massachusetts Attorney General’s Office Disclosure.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (scope and full impact not yet determined).

Stakeholder and Customer Advisories

What was the most recent stakeholder advisory issued ?

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Direct notifications sent to affected individuals.

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was Public disclosure via regulatory notification; individual notifications sent to affected employees.


Latest Global CVEs (Not Company-Specific)

Description

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json() includes user input in the error message, which gets reflected in responses. User input (including HTML/JavaScript) can be exposed in error responses, creating an XSS risk if Content-Type isn't strictly enforced. This issue does not have a fix at the time of publication.

Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups (/api/prompts/groups/:groupId). However, the request bodies are not sufficiently validated for proper input, enabling users to modify prompts in a way that was not intended as part of the front end system. The patchPromptGroup function passes req.body directly to updatePromptGroup() without filtering sensitive fields. This issue is fixed in version 0.8.1.

Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.

Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.

Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description

MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0.

Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=merck' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.