Northern Trust
Company Details
Linkedin ID:
northern-trust
Employees number:
29,579
Number of followers:
613,513
NAICS:
52
Industry Type:
Homepage:
northerntrust.com
IP Addresses:
0
Company ID:
NOR_2584128
Scan Status:
In-progress
Northern Trust Company CyberSecurity Posture
northerntrust.com
As a global leader in innovative wealth management, asset servicing and investment solutions, Northern Trust (Nasdaq: NTRS) is proud to guide the world’s most successful individuals, families and institutions by remaining true to our enduring principles of service, expertise and integrity. A globally recognized Fortune 500 Company in continuous operation since 1889, we’ve built a legacy of empowering clients to reach their goals with confidence. Since our roots as a trust bank, we’ve grown to a global presence with more than 24,000 employees in more than 20 countries and across five core business units: Wealth Management Asset Management Asset Servicing Technology Corporate Functions Join a Team That’s Made for Greater At Northern Trust, we refer to our employees as partners – with good reason. We understand that relationships are the key to our success. Here you’ll join a diverse and inclusive team of innovators with the drive to challenge the way things have always been done. Instead of choosing between a dynamic career and work-life balance, enjoy working with a team that supports your goals in the office and at home. We’ll help you get where you want to go without sacrificing what matters most to you. As of December 31 2024, Northern Trust had: $16.8 trillion assets under custody/administration $13.3 trillion in assets under custody $1.6 trillion in assets under management $156 billion in banking assets Stay connected with us: NT Careers Facebook - https://www.facebook.com/ntcareers Northern Trust Instagram - https://www.instagram.com/northerntrustcompany/
Northern Trust A.I CyberSecurity Scoring
Northern Trust Risk Score (AI oriented)Between 750 and 799
Northern Trust
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Northern Trust Global Score (TPRM)XXXX
Northern Trust
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Northern Trust Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Northern Trust Company
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported that Northern Trust experienced a data breach on May 17, 2014. The breach involved the inadvertent disclosure of personal information, including names, addresses, Social Security numbers, and benefits account numbers of an unknown number of individuals. The notification was provided on July 29, 2014.
Northern Trust Corporation
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Northern Trust Corporation suffered a data breach after an unauthorized party gained access to sensitive consumer data contained on its network. The breach compromised the personal details and the account numbers of certain individuals. Northern Trust sent out data breach letters to all affected parties and informed them of the incident and notified them to protect themselves from identity theft and other frauds.
Northern Trust Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Northern Trust
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Northern Trust in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Northern Trust in 2025.
Incident Types Northern Trust vs Financial Services Industry Avg (This Year)
No incidents recorded for Northern Trust in 2025.
Incident History — Northern Trust (X = Date, Y = Severity)
Northern Trust cyber incidents detection timeline including parent company and subsidiaries
Northern Trust Company Subsidiaries
As a global leader in innovative wealth management, asset servicing and investment solutions, Northern Trust (Nasdaq: NTRS) is proud to guide the world’s most successful individuals, families and institutions by remaining true to our enduring principles of service, expertise and integrity. A globally recognized Fortune 500 Company in continuous operation since 1889, we’ve built a legacy of empowering clients to reach their goals with confidence. Since our roots as a trust bank, we’ve grown to a global presence with more than 24,000 employees in more than 20 countries and across five core business units: Wealth Management Asset Management Asset Servicing Technology Corporate Functions Join a Team That’s Made for Greater At Northern Trust, we refer to our employees as partners – with good reason. We understand that relationships are the key to our success. Here you’ll join a diverse and inclusive team of innovators with the drive to challenge the way things have always been done. Instead of choosing between a dynamic career and work-life balance, enjoy working with a team that supports your goals in the office and at home. We’ll help you get where you want to go without sacrificing what matters most to you. As of December 31 2024, Northern Trust had: $16.8 trillion assets under custody/administration $13.3 trillion in assets under custody $1.6 trillion in assets under management $156 billion in banking assets Stay connected with us: NT Careers Facebook - https://www.facebook.com/ntcareers Northern Trust Instagram - https://www.instagram.com/northerntrustcompany/
Loading...
Northern Trust Similar Companies
Morningstar
Morningstar, Inc. is a leading provider of independent investment insights in North America, Europe, Australia, and Asia. The Company offers an extensive line of products and services for individual investors, financial advisors, asset managers and owners, retirement plan providers and sponsors, ins
HDB Financial Services (HDBFS) is a leading Non-Banking Financial Company (NBFC) that caters to the growing needs of an Aspirational India, serving both Individual & Business Clients The lines of business include - Lending and BPO Services. Incorporated in 2007, HDB is a well-established business wi
Motilal Oswal Financial Services Ltd
Motilal Oswal Financial Services Ltd. (MOFSL) was founded in 1987 as a small sub-broking unit, with just 2 people running the show. Focus on a customer-first attitude, ethical and transparent business practices, respect for professionalism, research-based value investing, and implementation of cutti
New York Life Insurance Company
For over 175 years, we've been helping people put love into action. As a mutual company we hold ourselves to the highest standards of transparency, objectivity, and integrity. We’re committed to improving local communities through a culture of giving and volunteerism, supported by our own New York L
The Allianz Group is one of the world's leading insurers and asset managers with more than 100 million private and corporate customers in more than 70 countries. We are proud to be the Worldwide Insurance Partner of the Olympic & Paralympic Movements from 2021 until 2028 and to be recognized as one
Sicredi
We are born collaborative We believe that change is only possible when everyone works together for the same purpose, after all, cooperativism is in our DNA. Besides this, we know that as important as it is to provide affordable financial solutions it is just as important to value growing together,
Barclays Investment Bank
Barclays Investment Bank deploys financial solutions to help our clients with their funding, financing, strategic and risk management needs across sectors, markets and economies. The Investment Bank is comprised of the Investment Banking, International Corporate Banking, Global Markets and Researc
At State Street, we partner with institutional investors all over the world to provide comprehensive financial services, including investment management, investment research and trading, and investment servicing. Whether you are an asset manager, asset owner, alternative asset manager, insurance com
Bank of America Merrill Lynch
From local communities to global markets, we are dedicated to shaping the future responsibly and helping clients thrive in a changing world. “Bank of America Merrill Lynch” is the marketing name for the global banking and global markets businesses of Bank of America Corporation. Bank of America is
.png)
Northern Trust CyberSecurity News
November 07, 2025 05:04 AM
Northern Trust’s Irish lead Meliosa O’Caoimh on fund industry growth: ‘It’s not rocket science’
Meliosa O'Caoimh is bracing herself for the take-off of the funds industry in Ireland. The Ireland country head of Northern Trust,...
October 22, 2025 07:00 AM
Northern Trust profit beats estimates on higher fees, interest
Northern Trust beat Wall Street expectations for third-quarter profit on Wednesday as it earned higher fees after rallying markets boosted...
October 20, 2025 07:00 AM
Digital Digest: The Latest Tech News – Northern Trust, Broadridge
Northern Trust, Broadridge Northern Trust – due to issue third-quarter results on October 22 – said it is expanding its global asset...
October 16, 2025 07:00 AM
35+ Markets: Northern Trust Expands Global Class Action Services with Broadridge, Adds Opt‑In Support
Northern Trust expands class action services with Broadridge to cover 35+ markets, add opt‑in market support and enhanced reporting;...
October 14, 2025 07:00 AM
Turns $1 into $7: Northern Trust Named IFFEd Global Custodian to Scale Education Impact
Northern Trust will provide global custody services to IFFEd, which holds a AAA credit rating and a 0% administration fee; World Bank is...
October 08, 2025 07:00 AM
Northern Trust Asset Management Appoints Slava Malkin As Senior Portfolio Manager
Northern Trust Asset Management, a leading global investment management firm with $1.3 trillion in assets under management as of June 30,...
September 26, 2025 07:00 AM
Financial Services Giant Northern Trust Announces Q3 2025 Earnings Release Date and Conference Details
Northern Trust (NTRS) will host Q3 2025 earnings conference call on October 22 at 8:00 a.m. CT. Webcast, earnings release, and materials...
September 16, 2025 07:00 AM
Northern Trust Appoints Jessica Donohue as Global Head of Product Management for Asset Servicing
CHICAGO--(BUSINESS WIRE)--Northern Trust (Nasdaq: NTRS) announced today that Jessica Donohue has joined as head of Product Management for...
September 08, 2025 07:00 AM
Franklin Templeton hires Daniel Gamba from Northern Trust as chief commercial officer
Gamba's will report directly to Franklin Templeton CEO Jenny Johnson.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Northern Trust CyberSecurity History Information
Official Website of Northern Trust
The official website of Northern Trust is https://www.northerntrust.com/about-us/careers.
Northern Trust’s AI-Generated Cybersecurity Score
According to Rankiteo, Northern Trust’s AI-generated cybersecurity score is 772, reflecting their Fair security posture.
How many security badges does Northern Trust’ have ?
According to Rankiteo, Northern Trust currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Northern Trust have SOC 2 Type 1 certification ?
According to Rankiteo, Northern Trust is not certified under SOC 2 Type 1.
Does Northern Trust have SOC 2 Type 2 certification ?
According to Rankiteo, Northern Trust does not hold a SOC 2 Type 2 certification.
Does Northern Trust comply with GDPR ?
According to Rankiteo, Northern Trust is not listed as GDPR compliant.
Does Northern Trust have PCI DSS certification ?
According to Rankiteo, Northern Trust does not currently maintain PCI DSS compliance.
Does Northern Trust comply with HIPAA ?
According to Rankiteo, Northern Trust is not compliant with HIPAA regulations.
Does Northern Trust have ISO 27001 certification ?
According to Rankiteo,Northern Trust is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Northern Trust
Northern Trust operates primarily in the Financial Services industry.
Number of Employees at Northern Trust
Northern Trust employs approximately 29,579 people worldwide.
Subsidiaries Owned by Northern Trust
Northern Trust presently has no subsidiaries across any sectors.
Northern Trust’s LinkedIn Followers
Northern Trust’s official LinkedIn profile has approximately 613,513 followers.
NAICS Classification of Northern Trust
Northern Trust is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Northern Trust’s Presence on Crunchbase
No, Northern Trust does not have a profile on Crunchbase.
Northern Trust’s Presence on LinkedIn
Yes, Northern Trust maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/northern-trust.
Cybersecurity Incidents Involving Northern Trust
As of November 27, 2025, Rankiteo reports that Northern Trust has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Northern Trust has an estimated 29,540 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Northern Trust ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Northern Trust detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with data breach letters sent to affected parties..
Incident Details
Can you provide details on each incident ?
Title: Northern Trust Corporation Data Breach
Description: Northern Trust Corporation suffered a data breach after an unauthorized party gained access to sensitive consumer data contained on its network. The breach compromised the personal details and the account numbers of certain individuals. Northern Trust sent out data breach letters to all affected parties and informed them of the incident and notified them to protect themselves from identity theft and other frauds.
Type: Data Breach
Title: Northern Trust Data Breach
Description: The California Office of the Attorney General reported that Northern Trust experienced a data breach on May 17, 2014. The breach involved the inadvertent disclosure of personal information, including names, addresses, Social Security numbers, and benefits account numbers of an unknown number of individuals. The notification was provided on July 29, 2014.
Date Detected: 2014-05-17
Date Publicly Disclosed: 2014-07-29
Type: Data Breach
Attack Vector: Inadvertent Disclosure
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach NOR1487922
Data Compromised: Personal details, Account numbers
Identity Theft Risk: True
Incident : Data Breach NOR508072725
Data Compromised: Names, Addresses, Social security numbers, Benefits account numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Details, Account Numbers, , Names, Addresses, Social Security Numbers, Benefits Account Numbers and .
Which entities were affected by each incident ?
Incident : Data Breach NOR1487922
Entity Name: Northern Trust Corporation
Entity Type: Financial Services
Industry: Finance
Incident : Data Breach NOR508072725
Entity Name: Northern Trust
Entity Type: Financial Institution
Industry: Finance
Location: California
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach NOR1487922
Communication Strategy: Data breach letters sent to affected parties
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach NOR1487922
Type of Data Compromised: Personal details, Account numbers
Incident : Data Breach NOR508072725
Type of Data Compromised: Names, Addresses, Social security numbers, Benefits account numbers
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach NOR508072725
Source: California Office of the Attorney General
Date Accessed: 2014-07-29
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2014-07-29.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Data Breach Letters Sent To Affected Parties.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach NOR1487922
Customer Advisories: Protect themselves from identity theft and other frauds
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Protect Themselves From Identity Theft And Other Frauds and .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2014-05-17.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2014-07-29.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were personal details, account numbers, , names, addresses, Social Security numbers, benefits account numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were account numbers, names, addresses, benefits account numbers, Social Security numbers and personal details.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Protect themselves from identity theft and other frauds.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=northern-trust' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
