Comparison Overview

Nunavik Regional Board of Health and Social Services

VS

Government of Canada

Nunavik Regional Board of Health and Social Services

cp 900, Kuujjuaq, J0M1C0, CA
Last Update: 2026-01-20
View Profile
Between 700 and 749
https://nrbhss.ca/en/careers

Nunavik’s health and social services network includes the Nunavik Regional Board of Health and Social Services, the Inuulitsivik Health Centre (Hudson Bay) and the Ungava Tulattavik Health Centre (Ungava Bay). The signing of the James Bay and Northern Quebec Agreement (JBNQA) and supplementary agreements established guidelines for the development of health and social services in Nunavik. The organization of health care and social services is a provincial jurisdiction, but it is adapted to regional realities. Given the size of its population and its cultural characteristics, Nunavik is unique in combining curative and preventive methods. In the fields of health and social services, promotion, prevention and protection activities can be carried out in a more harmonious and natural fashion. The interveners and professionals of the Nunavik health and social service network face challenges at the health, cultural, social and financial levels. Human, physical and financial resources are constantly deployed to set up the infrastructures necessary to the well-being of Nunavimmiut. Nunavik Regional Board of Health and Social Services Created in 1995 by virtue of the Act respecting health services and social services, the Nunavik Regional Board of Health and Social Services’ (NRBHSS) principal mandate is to organize health and social service programs in the region (14 villages of Nunavik), evaluate those programs'​ effectiveness and ensure the users receive services of good quality appropriate to their needs. Further, it ensures the organization and efficient use of financial resources granted to the Nunavik region. The NRBHSS is an organization dedicated to improving the health and well-being of the populations of the 14 communities on its territory. Its overall mission is to adapt the health and social service programs to the population's needs and to the region's realities. Its head office is located in Kuujjuaq.

NAICS: 92
NAICS Definition: Public Administration
Employees: 216
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1
View Profile

Government of Canada

None
Last Update: 2026-01-25
Between 750 and 799
http://canada.ca

The Government of Canada works on behalf of Canadians, both at home and abroad. Visit www.Canada.ca to learn more. Canada’s professional, non-partisan public service is among the best in the world, and many of its departments and agencies place in Canada’s Top 100 Employers year after year. If you are interested in joining our diverse and innovative team, visit www.jobs.gc.ca for information and opportunities. Terms: https://www.canada.ca/en/transparency/terms.html Le gouvernement du Canada œuvre au nom des Canadiens, tant au pays qu’à l’étranger. Consultez le site www.canada.ca pour en savoir plus. Impartiale et professionnelle, la fonction publique du Canada fait partie de l’élite mondiale. Bon nombre de ses ministères et organismes figurent parmi les 100 meilleurs employeurs du pays année après année. Vous aimeriez intégrer notre équipe diversifiée et innovante? Rendez-vous au www.emplois.gc.ca pour obtenir des informations et connaître les possibilités qui s’offrent à vous. Avis : https://www.canada.ca/fr/transparence/avis.html

NAICS: 92
NAICS Definition: Public Administration
Employees: 145,761
Subsidiaries: 60
12-month incidents
0
Known data breaches
4
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/government-of-canada.jpeg
Government of Canada
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Nunavik Regional Board of Health and Social Services
Compliance Rate
0/4 Standards Verified
Government of Canada
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Nunavik Regional Board of Health and Social Services in 2026.

Incidents vs Government Administration Industry Average (This Year)

No incidents recorded for Government of Canada in 2026.

Incident History — Nunavik Regional Board of Health and Social Services (X = Date, Y = Severity)

Nunavik Regional Board of Health and Social Services cyber incidents detection timeline including parent company and subsidiaries

Incident History — Government of Canada (X = Date, Y = Severity)

Government of Canada cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/nrbhss.jpeg
Nunavik Regional Board of Health and Social Services
Incidents

Date Detected: 11/2025
Type:Cyber Attack
Blog: Blog
https://images.rankiteo.com/companyimages/government-of-canada.jpeg
Government of Canada
Incidents

Date Detected: 10/2025
Type:Breach
Blog: Blog

Date Detected: 5/2025
Type:Breach
Blog: Blog

Date Detected: 10/2022
Type:Breach
Attack Vector: Unpatched and decommissioned server
Blog: Blog

FAQ

Government of Canada company demonstrates a stronger AI Cybersecurity Score compared to Nunavik Regional Board of Health and Social Services company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Government of Canada company has faced a higher number of disclosed cyber incidents historically compared to Nunavik Regional Board of Health and Social Services company.

In the current year, Government of Canada company and Nunavik Regional Board of Health and Social Services company have not reported any cyber incidents.

Neither Government of Canada company nor Nunavik Regional Board of Health and Social Services company has reported experiencing a ransomware attack publicly.

Government of Canada company has disclosed at least one data breach, while Nunavik Regional Board of Health and Social Services company has not reported such incidents publicly.

Both Government of Canada company and Nunavik Regional Board of Health and Social Services company have reported experiencing targeted cyberattacks.

Neither Nunavik Regional Board of Health and Social Services company nor Government of Canada company has reported experiencing or disclosing vulnerabilities publicly.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds any compliance certifications.

Neither company holds any compliance certifications.

Government of Canada company has more subsidiaries worldwide compared to Nunavik Regional Board of Health and Social Services company.

Government of Canada company employs more people globally than Nunavik Regional Board of Health and Social Services company, reflecting its scale as a Government Administration.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds SOC 2 Type 1 certification.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds SOC 2 Type 2 certification.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds ISO 27001 certification.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds PCI DSS certification.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds HIPAA certification.

Neither Nunavik Regional Board of Health and Social Services nor Government of Canada holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction() function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global map engine settings.

Published
Date
2026-01-24
Updated
Date
2026-01-24
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
References
Description

The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. NOTE: Successful exploitation of this vulnerability requires that the PDFCrowd API key is blank (also known as "demo mode", which is the default configuration when the plugin is installed) or known.

Published
Date
2026-01-24
Updated
Date
2026-01-24
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
Description

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2. This makes it possible for authenticated attackers, with a lower-privileged role (e.g., Subscriber-level access and above), to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires an admin to grant Hustle module permissions (or module edit access) to the low-privileged user so they can access the Hustle admin page and obtain the required nonce.

Published
Date
2026-01-24
Updated
Date
2026-01-24
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Description

The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user roles.

Published
Date
2026-01-24
Updated
Date
2026-01-24
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
Description

The Meta-box GalleryMeta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

Published
Date
2026-01-24
Updated
Date
2026-01-24
Risk Information
cvss3
Base: 4.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
References