Comparison Overview

Montefiore Health System

VS

OSF HealthCare

Montefiore Health System

111 East 210th Street, None, Bronx, NY, US, 10467
Last Update: 2025-11-27
View Profile
Between 750 and 799
http://www.montefiore.org

Montefiore is one of New York’s premier academic health systems, renowned for its leading medical school, groundbreaking research and technology, and highly specialized, coordinated care for diverse populations in the New York region, across the country and globally. Visit Montefiore.org to learn more.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 11,269
Subsidiaries: 0
12-month incidents
0
Known data breaches
2
Attack type number
1
View Profile

OSF HealthCare

124 SW Adams St, Peoria, Illinois, US, 61602
Last Update: 2025-11-23
Between 700 and 749
http://www.osfhealthcare.org

OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF employs more than 26,000 Mission Partners across 171 locations; has two colleges of nursing; operates OSF Home Care Services, an extensive network of home health and hospice services; owns Pointcore, Inc., comprised of health care-related businesses; OSF HealthCare Foundation, the philanthropic arm for the organization; and OSF Ventures, which provides investment capital for promising health care innovation startups. In 2020, OSF OnCall was established as a digital health operating unit and includes a hospital-at-home program. OSF OnCall delivers care and services when, where and how patients prefer to receive them. OSF HealthCare has been recognized by Fortune as one of the most innovative companies in the country. OSF consistently earns recognition for showing dedication to the well-being of its Mission Partners: •America’s Best-in-State Employers | Forbes Magazine | 2018-2025 •150 Top Places to Work in Healthcare | Becker’s Healthcare | 2019, 2022-2025 •Best Employers for Women | Forbes Magazine | 2020 OSF HealthCare is an Equal Opportunity Employer (EOE).

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 11,973
Subsidiaries: 2
12-month incidents
0
Known data breaches
0
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/montefiore-health-system.jpeg
Montefiore Health System
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/osf-healthcare.jpeg
OSF HealthCare
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Montefiore Health System
100%
Compliance Rate
0/4 Standards Verified
OSF HealthCare
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Montefiore Health System in 2025.

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for OSF HealthCare in 2025.

Incident History — Montefiore Health System (X = Date, Y = Severity)

Montefiore Health System cyber incidents detection timeline including parent company and subsidiaries

Incident History — OSF HealthCare (X = Date, Y = Severity)

OSF HealthCare cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/montefiore-health-system.jpeg
Montefiore Health System
Incidents

Date Detected: 1/2017
Type:Breach
Attack Vector: Insider Threat
Motivation: Data Theft
Blog: Blog

Date Detected: 1/2013
Type:Breach
Attack Vector: Insider Threat
Motivation: Theft of Patient Account Information
Blog: Blog
https://images.rankiteo.com/companyimages/osf-healthcare.jpeg
OSF HealthCare
Incidents

Date Detected: 10/2021
Type:Ransomware
Blog: Blog

Date Detected: 05/2021
Type:Data Leak
Blog: Blog

FAQ

Montefiore Health System company demonstrates a stronger AI Cybersecurity Score compared to OSF HealthCare company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Montefiore Health System and OSF HealthCare have experienced a similar number of publicly disclosed cyber incidents.

In the current year, OSF HealthCare company and Montefiore Health System company have not reported any cyber incidents.

OSF HealthCare company has confirmed experiencing a ransomware attack, while Montefiore Health System company has not reported such incidents publicly.

Montefiore Health System company has disclosed at least one data breach, while the other OSF HealthCare company has not reported such incidents publicly.

Neither OSF HealthCare company nor Montefiore Health System company has reported experiencing targeted cyberattacks publicly.

Neither Montefiore Health System company nor OSF HealthCare company has reported experiencing or disclosing vulnerabilities publicly.

Neither Montefiore Health System nor OSF HealthCare holds any compliance certifications.

Neither company holds any compliance certifications.

OSF HealthCare company has more subsidiaries worldwide compared to Montefiore Health System company.

OSF HealthCare company employs more people globally than Montefiore Health System company, reflecting its scale as a Hospitals and Health Care.

Neither Montefiore Health System nor OSF HealthCare holds SOC 2 Type 1 certification.

Neither Montefiore Health System nor OSF HealthCare holds SOC 2 Type 2 certification.

Neither Montefiore Health System nor OSF HealthCare holds ISO 27001 certification.

Neither Montefiore Health System nor OSF HealthCare holds PCI DSS certification.

Neither Montefiore Health System nor OSF HealthCare holds HIPAA certification.

Neither Montefiore Health System nor OSF HealthCare holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.

Published
Date
2025-11-28
Updated
Date
2025-11-28
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References
Description

Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.

Published
Date
2025-11-28
Updated
Date
2025-11-28
Risk Information
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

Published
Date
2025-11-28
Updated
Date
2025-11-28
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
Description

Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.

Published
Date
2025-11-28
Updated
Date
2025-11-28
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
References
Description

File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.

Published
Date
2025-11-28
Updated
Date
2025-11-28
Risk Information
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
References