MSD
Company Details
Linkedin ID:
msd-global
Website:
Employees number:
35,519
Number of followers:
1,133,621
NAICS:
3254
Industry Type:
Homepage:
msd.com
IP Addresses:
0
Company ID:
MSD_2025770
Scan Status:
In-progress
MSD Company CyberSecurity Posture
msd.com
At MSD, known as Merck & Co., Inc., Rahway, NJ, USA in the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important medicines and vaccines. We aspire to be the premier research-intensive biopharmaceutical company in the world – and today, we are at the forefront of research to deliver innovative health solutions that advance the prevention and treatment of diseases in people and animals. We foster a diverse and inclusive global workforce and operate responsibly every day to enable a safe, sustainable and healthy future for all people and communities. For more information, visit www.msd.com and connect with us on Facebook, Instagram, Twitter, and YouTube.
MSD A.I CyberSecurity Scoring
MSD Risk Score (AI oriented)Between 750 and 799
MSD
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
MSD Global Score (TPRM)XXXX
MSD
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
MSD Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Merck Sharpe & Dohme LLC
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: In September 2025, Merck Sharpe & Dohme LLC experienced a data breach via its third-party service provider, Graebel Companies Inc., which manages employee relocation services. Unauthorized access to Graebel’s systems exposed sensitive personally identifiable information (PII) of current and former Merck employees. The compromised data includes names, dates of birth, addresses, phone numbers, Social Security numbers, and financial account details. Merck confirmed the breach after an internal review and reported it to the Massachusetts Attorney General’s office in November 2025. Affected individuals were notified, and the company offered free identity theft protection services (Cyberscout) to mitigate risks. The full scope of the breach remains undetermined but is potentially significant, with legal firms investigating compensation claims for victims, including reimbursement for financial losses, time spent resolving issues, and emotional distress.
MSD Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for MSD
Incidents vs Pharmaceutical Manufacturing Industry Average (This Year)
MSD has 13.64% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
MSD has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types MSD vs Pharmaceutical Manufacturing Industry Avg (This Year)
MSD reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — MSD (X = Date, Y = Severity)
MSD cyber incidents detection timeline including parent company and subsidiaries
MSD Company Subsidiaries
At MSD, known as Merck & Co., Inc., Rahway, NJ, USA in the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important medicines and vaccines. We aspire to be the premier research-intensive biopharmaceutical company in the world – and today, we are at the forefront of research to deliver innovative health solutions that advance the prevention and treatment of diseases in people and animals. We foster a diverse and inclusive global workforce and operate responsibly every day to enable a safe, sustainable and healthy future for all people and communities. For more information, visit www.msd.com and connect with us on Facebook, Instagram, Twitter, and YouTube.
Loading...
MSD Similar Companies
MANKIND PHARMA LTD
Mankind Pharma, one of the top 5 leading pharmaceutical companies in India, started its journey in 1995. Today, we have an employee base of over 20,000 and are racing towards $1 Billion. At Mankind, we aspire to aid the community in leading a healthy life by formulating, developing, commercializing,
Eli Lilly and Company
We're a medicine company turning science into healing to make life better for people around the world. It all started nearly 150 years ago with a clear vision from founder Colonel Eli Lilly: "Take what you find here and make it better and better." Harnessing the power of biotechnology, chemistry and
At Lonza, we enable A Healthier World by supporting our healthcare customers on the path to commercialization. Our community of 16,000 talented employees work across a global network of more than 30 sites to deliver for our customers across the pharma, biotech and nutrition markets. By combining t
AUROBINDO PHARMA LTD
Aurobindo Pharma Limited (NSE: AUROPHARMA, BSE: 524804, Reuters: ARBN.NS, Bloomberg: ARBP IN) is an integrated global pharmaceutical company headquartered in Hyderabad, India. The Company develops, manufactures, and markets a wide range of generic pharmaceuticals, branded specialty drugs, and active
EMS is the leading pharmaceutical company in Brazil. Established since 45 years and with 100% national capital, the company has two industrial plants strategically placed in São Bernardo do Campo and Hortolândia, in the state of São Paulo. With a work based on daring, simplicity, excellence and res
AbbVie is a global biopharmaceutical company focused on creating medicines and solutions that put impact first — for patients, communities, and our world. We aim to address complex health issues and enhance people's lives through our core therapeutic areas: immunology, oncology, neuroscience, eye ca
Novartis is an innovative medicines company. Every day, working to reimagine medicine to improve and extend people’s lives so that patients, healthcare professionals and societies are empowered in the face of serious disease. Our medicines reach more than 250 million people worldwide. Find out mor
Parexel
Parexel is among the world’s largest clinical research organizations (CROs), providing the full range of Phase I to IV clinical development services to help life-saving treatments reach patients faster. Leveraging the breadth of our clinical, regulatory and therapeutic expertise, our team of more th
Lupin Limited is a global pharmaceutical leader headquartered in Mumbai, India, with products distributed in over 100 markets. Lupin specializes in pharmaceutical products, including branded and generic formulations, complex generics, biotechnology products, and active pharmaceutical ingredients. Tr
.png)
MSD CyberSecurity News
October 08, 2025 07:00 AM
Industrial Cyber Security Event
ICT Group will be present at the FHI Industrial Cyber Security event at the 1931 Conference Center in Den Bosch. This event offers practical insights into the...
September 30, 2025 07:00 AM
From Defense to Resilience: Where School Cybersecurity Goes Next
The future of cybersecurity in schools is to build resilience. As one district IT director puts it, “we're asking how we can get in front of...
September 04, 2025 07:00 AM
Under Siege: How Schools Are Fighting Back Against Rising Cyber Threats
Generative AI has weaponized phishing,” one IT director says. “Even seasoned staff can't always tell the difference.”
August 04, 2025 07:00 AM
Cybersecurity Startup Armis' CEO Yevgeny Dibrov Talks Deals, IPO
Hi, it's Liana Baker in New York, catching up with the CEO of a cybersecurity startup. Also today, communications firm Teneo gets a new...
May 21, 2025 07:00 AM
Bain Capital leads backing for Acrisure’s pivot toward tech-enabled services
Acrisure has entered into a definitive agreement to issue new convertible senior preferred stock in a US$2.1 billion capital raise, with the round led by Bain...
May 20, 2025 07:00 AM
Financial services firm Acrisure valued at $32 billion in Bain-led funding round
Acrisure has raised $2.1 billion from Bain Capital and other investors, its CEO told Reuters on Tuesday, valuing the firm at $32 billion and...
April 20, 2025 07:00 AM
Marjory Stoneman Douglas Students Win $5,000 AI and Cybersecurity Competition
Two students from Marjory Stoneman Douglas High School won first place in the national NAF Academy of Finance's "Behind the Screen: AI,...
April 11, 2025 07:00 AM
ICT Group automates new MSD Animal Health factory
For the construction of a new animal health facility in Boxmeer, MSD AH selected equipment from six different suppliers, each with its own...
April 01, 2025 07:00 AM
Ravindra Jadeja shares Instagram Story dedicated to MS Dhoni after CSK's poor IPL 2025 start
Cricket News: Chennai Super Kings have had a challenging start in IPL 2025, suffering defeats against Royal Challengers Bengaluru and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
MSD CyberSecurity History Information
Official Website of MSD
The official website of MSD is http://www.msd.com.
MSD’s AI-Generated Cybersecurity Score
According to Rankiteo, MSD’s AI-generated cybersecurity score is 760, reflecting their Fair security posture.
How many security badges does MSD’ have ?
According to Rankiteo, MSD currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does MSD have SOC 2 Type 1 certification ?
According to Rankiteo, MSD is not certified under SOC 2 Type 1.
Does MSD have SOC 2 Type 2 certification ?
According to Rankiteo, MSD does not hold a SOC 2 Type 2 certification.
Does MSD comply with GDPR ?
According to Rankiteo, MSD is not listed as GDPR compliant.
Does MSD have PCI DSS certification ?
According to Rankiteo, MSD does not currently maintain PCI DSS compliance.
Does MSD comply with HIPAA ?
According to Rankiteo, MSD is not compliant with HIPAA regulations.
Does MSD have ISO 27001 certification ?
According to Rankiteo,MSD is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of MSD
MSD operates primarily in the Pharmaceutical Manufacturing industry.
Number of Employees at MSD
MSD employs approximately 35,519 people worldwide.
Subsidiaries Owned by MSD
MSD presently has no subsidiaries across any sectors.
MSD’s LinkedIn Followers
MSD’s official LinkedIn profile has approximately 1,133,621 followers.
NAICS Classification of MSD
MSD is classified under the NAICS code 3254, which corresponds to Pharmaceutical and Medicine Manufacturing.
MSD’s Presence on Crunchbase
No, MSD does not have a profile on Crunchbase.
MSD’s Presence on LinkedIn
Yes, MSD maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/msd-global.
Cybersecurity Incidents Involving MSD
As of December 04, 2025, Rankiteo reports that MSD has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
MSD has an estimated 5,307 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at MSD ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does MSD detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with cyberscout (identity theft protection services), and containment measures with system access restrictions (by graebel), and recovery measures with notifications to affected individuals, recovery measures with free identity theft protection services (cyberscout), and communication strategy with direct mailing to affected individuals, communication strategy with public disclosure via massachusetts attorney general’s office, communication strategy with legal advisories via shamis & gentile p.a...
Incident Details
Can you provide details on each incident ?
Title: Merck Sharpe & Dohme LLC Data Breach via Graebel Companies Inc.
Description: Merck Sharpe & Dohme LLC, a multinational pharmaceutical company, experienced a data breach through its U.S.-based service provider, Graebel Companies Inc., which handles employee relocation management services. Unauthorized access to Graebel's systems exposed sensitive personally identifiable information (PII) of current and former Merck employees. The breach was detected in September 2025, with Merck completing its review by October 20, 2025. Notifications were sent to affected individuals, and the incident was reported to the Massachusetts Attorney General’s office on November 17, 2025. The full extent of the breach is not yet known but is potentially significant.
Date Detected: 2025-09
Date Publicly Disclosed: 2025-11-17
Type: data breach
Attack Vector: unauthorized accesssupply chain compromise
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : data breach MSD0602706111825
Systems Affected: Graebel Companies Inc. systems
Brand Reputation Impact: potential (ongoing investigation)
Legal Liabilities: potential (class action lawsuits initiated)
Identity Theft Risk: high (PII exposed)
Payment Information Risk: high (financial account information exposed)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (Pii), Financial Account Information and .
Which entities were affected by each incident ?
Incident : data breach MSD0602706111825
Entity Name: Merck Sharpe & Dohme LLC
Entity Type: pharmaceutical company
Industry: healthcare/pharmaceuticals
Location: Rahway, New Jersey, USA
Size: multinational (large)
Incident : data breach MSD0602706111825
Entity Name: Graebel Companies Inc.
Entity Type: service provider
Industry: employee relocation management
Location: USA
Customers Affected: current and former Merck employees
Response to the Incidents
What measures were taken in response to each incident ?
Incident : data breach MSD0602706111825
Incident Response Plan Activated: True
Third Party Assistance: Cyberscout (Identity Theft Protection Services).
Containment Measures: system access restrictions (by Graebel)
Recovery Measures: notifications to affected individualsfree identity theft protection services (Cyberscout)
Communication Strategy: direct mailing to affected individualspublic disclosure via Massachusetts Attorney General’s officelegal advisories via Shamis & Gentile P.A.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cyberscout (identity theft protection services), .
Data Breach Information
What type of data was compromised in each breach ?
Incident : data breach MSD0602706111825
Type of Data Compromised: Personally identifiable information (pii), Financial account information
Sensitivity of Data: high
Data Exfiltration: likely (under investigation)
Personally Identifiable Information: namedate of birthaddressphone numberSocial Security number
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by system access restrictions (by graebel) and .
Ransomware Information
How does the company recover data encrypted by ransomware ?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through notifications to affected individuals, free identity theft protection services (Cyberscout), .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : data breach MSD0602706111825
Legal Actions: class action lawsuits (investigated by Shamis & Gentile P.A.),
Regulatory Notifications: Massachusetts Attorney General’s office (reported on 2025-11-17)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through class action lawsuits (investigated by Shamis & Gentile P.A.), .
Lessons Learned and Recommendations
What recommendations were made to prevent future incidents ?
Incident : data breach MSD0602706111825
Recommendations: Monitor financial accounts for suspicious activity, Sign up for free Cyberscout identity theft protection services, Place a fraud alert with credit bureaus, Request free annual credit reports, Seek legal counsel for compensation eligibilityMonitor financial accounts for suspicious activity, Sign up for free Cyberscout identity theft protection services, Place a fraud alert with credit bureaus, Request free annual credit reports, Seek legal counsel for compensation eligibilityMonitor financial accounts for suspicious activity, Sign up for free Cyberscout identity theft protection services, Place a fraud alert with credit bureaus, Request free annual credit reports, Seek legal counsel for compensation eligibilityMonitor financial accounts for suspicious activity, Sign up for free Cyberscout identity theft protection services, Place a fraud alert with credit bureaus, Request free annual credit reports, Seek legal counsel for compensation eligibilityMonitor financial accounts for suspicious activity, Sign up for free Cyberscout identity theft protection services, Place a fraud alert with credit bureaus, Request free annual credit reports, Seek legal counsel for compensation eligibility
References
Where can I find more information about each incident ?
Incident : data breach MSD0602706111825
Source: Shamis & Gentile P.A. (class action investigation)
Incident : data breach MSD0602706111825
Source: Massachusetts Attorney General’s office (breach notification)
Date Accessed: 2025-11-17
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Shamis & Gentile P.A. (class action investigation), and Source: Massachusetts Attorney General’s office (breach notification)Date Accessed: 2025-11-17.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : data breach MSD0602706111825
Investigation Status: ongoing (full extent of breach not yet known)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Direct Mailing To Affected Individuals, Public Disclosure Via Massachusetts Attorney General’S Office and Legal Advisories Via Shamis & Gentile P.A..
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : data breach MSD0602706111825
Stakeholder Advisories: Notifications Mailed To Affected Individuals.
Customer Advisories: Free identity theft protection (Cyberscout)Fraud alert and credit report recommendationsLegal compensation eligibility
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Notifications Mailed To Affected Individuals, Free Identity Theft Protection (Cyberscout), Fraud Alert And Credit Report Recommendations, Legal Compensation Eligibility and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : data breach MSD0602706111825
High Value Targets: Employee Pii And Financial Data,
Data Sold on Dark Web: Employee Pii And Financial Data,
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cyberscout (Identity Theft Protection Services), .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-09.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-11-17.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Graebel Companies Inc. systems.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cyberscout (identity theft protection services), .
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was system access restrictions (by Graebel).
Data Breach Information
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was class action lawsuits (investigated by Shamis & Gentile P.A.), .
Lessons Learned and Recommendations
What was the most significant recommendation implemented to improve cybersecurity ?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Place a fraud alert with credit bureaus, Sign up for free Cyberscout identity theft protection services, Request free annual credit reports, Monitor financial accounts for suspicious activity and Seek legal counsel for compensation eligibility.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Shamis & Gentile P.A. (class action investigation) and Massachusetts Attorney General’s office (breach notification).
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is ongoing (full extent of breach not yet known).
Stakeholder and Customer Advisories
What was the most recent stakeholder advisory issued ?
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was notifications mailed to affected individuals, .
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Free identity theft protection (Cyberscout)Fraud alert and credit report recommendationsLegal compensation eligibility.
.png)
Latest Global CVEs (Not Company-Specific)
Description
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
Risk Information
cvss3
Base: 6.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Description
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
Description
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Description
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Risk Information
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=msd-global' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
