Comparison Overview

Q: Between MUFG company and HSBC company, which one has the best AI Cybersecurity Score ?

MUFG company demonstrates a stronger AI Cybersecurity Score compared to HSBC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between MUFG company and HSBC company, which one has experienced more cyber incidents in the past ?

HSBC company has faced a higher number of disclosed cyber incidents historically compared to MUFG company.

Q: Between MUFG company and HSBC company, which one has experienced more cyber incidents this year ?

In the current year, HSBC company and MUFG company have not reported any cyber incidents.

Q: Between MUFG company and HSBC company, which one has experienced at least one ransomware attack ?

Neither HSBC company nor MUFG company has reported experiencing a ransomware attack publicly.

Q: Between MUFG company and HSBC company, which one has experienced at least one data breach ?

Both HSBC company and MUFG company have disclosed experiencing at least one data breach.

Q: Between MUFG company and HSBC company, which one has experienced at least one targeted cyberattack ?

Neither HSBC company nor MUFG company has reported experiencing targeted cyberattacks publicly.

Q: Between MUFG company and HSBC company, which one has experienced at least one vulnerability ?

Neither MUFG company nor HSBC company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between MUFG company and HSBC company, which one holds the most compliance certifications ?

Neither MUFG nor HSBC holds any compliance certifications.

Q: Between MUFG company and HSBC company, which one has the most subsidiaries ?

HSBC company has more subsidiaries worldwide compared to MUFG company.

MUFG

2-7-1, Marunouchi, Chiyoda-ku, Tokyo, JP, 100-8330

Last Update: 2025-12-09

View Profile

Between 800 and 849

http://www.mufg.jp/english/ourbrand/index.html

MUFG (Mitsubishi UFJ Financial Group) is one of the world's leading financial groups. Headquartered in Tokyo and with over 360 years of history, MUFG has a global network with over 2,100 locations in more than 40 markets including the Americas, Europe, the Middle East and Africa, Asia and Oceania. The Group has over 120,000 employees and offers services including commercial banking, trust banking, securities, credit cards, consumer finance, asset management, and leasing. Through close partnerships among our group companies, the Group aims to be the world's most trusted financial group, flexibly responding to all of the financial needs of its customers, serving society, and fostering shared and sustainable growth for a better world. MUFG's shares trade on the Tokyo, Nagoya, and New York stock exchanges. Watch our profile video: https://youtu.be/htyOjA1H6bQ Details of MUFG's Group companies can be found at the following websites: http://www.bk.mufg.jp/global http://www.tr.mufg.jp/english https://mufgamericas.com https://www.mufgemea.com http://www.hd.sc.mufg.jp/english ©2024Mitsubishi UFJ Financial Group, Inc. All rights reserved. The MUFG logo and name is a service mark of Mitsubishi UFJ Financial Group, Inc.

NAICS: 52

NAICS Definition: Finance and Insurance

Employees: 21,872

Subsidiaries: 2

12-month incidents

0

Known data breaches

1

Attack type number

1

View Profile

HSBC

8 Canada Square, None, London, None, GB, E14 5HQ

Last Update: 2025-12-11

Between 800 and 849

http://www.hsbc.com

Opening up a world of opportunity for our customers, investors, ourselves and the planet. We're a financial services organisation that serves more than 40 million customers, ranging from individual savers and investors to some of the world’s biggest companies and governments. Our network covers 58 countries and territories, and we’re here to use our unique expertise, capabilities, breadth and perspectives to open up a world of opportunity for our customers. HSBC is listed on the London, Hong Kong, New York, and Bermuda stock exchanges. To view our social media terms and conditions please visit the following webpage: http://www.hsbc.com/social-TandCs

NAICS: 52

NAICS Definition: Finance and Insurance

Employees: 186,976

Subsidiaries: 8

12-month incidents

0

Known data breaches

6

Attack type number

1

MUFG

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

HSBC

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for MUFG in 2025.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for HSBC in 2025.

Incident History — MUFG (X = Date, Y = Severity)

MUFG cyber incidents detection timeline including parent company and subsidiaries

Incident History — HSBC (X = Date, Y = Severity)

HSBC cyber incidents detection timeline including parent company and subsidiaries

MUFG

Incidents

Date Detected: 12/2021

Type:Breach

Attack Vector: External System Breach (Hacking)

Blog: Blog

HSBC

Incidents

Date Detected: 10/2018

Type:Breach

Blog: Blog

Date Detected: 12/2015

Type:Breach

Attack Vector: Unauthorized Access

Blog: Blog

Date Detected: 6/2015

Type:Breach

Attack Vector: Mistakenly Sent Data

Blog: Blog

MUFG company demonstrates a stronger AI Cybersecurity Score compared to HSBC company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

HSBC company has faced a higher number of disclosed cyber incidents historically compared to MUFG company.

In the current year, HSBC company and MUFG company have not reported any cyber incidents.

Neither HSBC company nor MUFG company has reported experiencing a ransomware attack publicly.

Both HSBC company and MUFG company have disclosed experiencing at least one data breach.

Neither HSBC company nor MUFG company has reported experiencing targeted cyberattacks publicly.

Neither MUFG company nor HSBC company has reported experiencing or disclosing vulnerabilities publicly.

Neither MUFG nor HSBC holds any compliance certifications.

Neither company holds any compliance certifications.

HSBC company has more subsidiaries worldwide compared to MUFG company.

HSBC company employs more people globally than MUFG company, reflecting its scale as a Financial Services.

Neither MUFG nor HSBC holds SOC 2 Type 1 certification.

Neither MUFG nor HSBC holds SOC 2 Type 2 certification.

Neither MUFG nor HSBC holds ISO 27001 certification.

Neither MUFG nor HSBC holds PCI DSS certification.

Neither MUFG nor HSBC holds HIPAA certification.

Neither MUFG nor HSBC holds GDPR certification.

Description

NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 8.1

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

References

https://docs.nxlog.co/agent/current/release-notes.html#nxlog-agent-6-11

Description

uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 2.9

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

References

Description

A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 4.5

Severity: HIGH

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:L

References

https://github.com/mjmlio/mjml/issues/3018

Description

A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).

Published

Date

2025-12-14

Updated

Date

2025-12-14

Risk Information

cvss3

Base: 5.8

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

MUFG

VS

HSBC

MUFG

HSBC

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — MUFG (X = Date, Y = Severity)

Incident History — HSBC (X = Date, Y = Severity)

Notable Incidents

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

MUFG

VS

HSBC

MUFG

HSBC

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — MUFG (X = Date, Y = Severity)

Incident History — HSBC (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Breach MUF120080425

🔒 Incident : Breach HSB019090625

🔒 Incident : Breach HSB301072825

🔒 Incident : Breach HSB308072925

FAQ

Between MUFG company and HSBC company, which one has the best AI Cybersecurity Score ?

Between MUFG company and HSBC company, which one has experienced more cyber incidents in the past ?

Between MUFG company and HSBC company, which one has experienced more cyber incidents this year ?

Between MUFG company and HSBC company, which one has experienced at least one ransomware attack ?

Between MUFG company and HSBC company, which one has experienced at least one data breach ?

Between MUFG company and HSBC company, which one has experienced at least one targeted cyberattack ?

Between MUFG company and HSBC company, which one has experienced at least one vulnerability ?

Between MUFG company and HSBC company, which one holds the most compliance certifications ?

Between MUFG company and HSBC company, which one holds the fewest compliance certifications ?

Between MUFG company and HSBC company, which one has the most subsidiaries ?

Between MUFG company and HSBC company, which one has the largest number of employees ?

Between MUFG and HSBC, which company holds both SOC 2 Type 1 certifications ?

Between MUFG and HSBC, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — MUFG or HSBC ?

Which company is PCI DSS compliant — MUFG or HSBC ?

Between MUFG and HSBC, which company complies with HIPAA regulations for healthcare data ?

Between MUFG and HSBC, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-67900

Risk Information

CVE-2025-67899

Risk Information

CVE-2025-14691

Risk Information

CVE-2025-67898

Risk Information

CVE-2025-13281

Risk Information