NRH
Company Details
Linkedin ID:
nrhemporia
Website:
Employees number:
300
Number of followers:
995
NAICS:
62
Industry Type:
Homepage:
newmanrh.org
IP Addresses:
0
Company ID:
NEW_1759972
Scan Status:
In-progress
Newman Regional Health Company CyberSecurity Posture
newmanrh.org
Newman Regional Health is Emporia's community hospital, providing a wide range of medical, surgical, outpatient, and hospice services. Newman Regional Health is a teaching hospital and is home to the ESU Newman Division of Nursing. Owned by the people of Lyon county, Newman operates as a not-for-profit hospital, and is licensed for 190 beds. It is the fifth-largest employer in the area. “They saw the best equipped hospital in the West. They saw a beautiful building architecturally, and they saw an interior decorated with taste, altogether a thing of beauty that shall be a joy forever.” – Emporia Gazette, March 6, 1922, on the open house. Since 1922, Newman Regional Health has been a vital part of healthcare for a seven county area surrounding Emporia, Kansas. The Emporia Gazette used the Winston Churchill quote, “We live not by what we have, but by what we give,” on March 5, 1922 to describe George Newman’s generous contribution.
Newman Regional Health A.I CyberSecurity Scoring
NRH Risk Score (AI oriented)Between 700 and 749
NRH
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
NRH Global Score (TPRM)XXXX
NRH
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
NRH Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Newman Regional Health
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Kan.-based Newman Regional Health fell victim to an email breach incident that compromised its patient health information. An unauthorized party accessed some of its email accounts" between Jan. 26, 2021, and Nov. 23, 2021. Those accounts contained identifiable protected health information of patients, including names, dates of birth, medical record or other identification numbers, contact details, limited heath, treatment or insurance information, employee information, and Social Security number. The regional health investigated the incident after knowing that breached information was misused.
NRH Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for NRH
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Newman Regional Health in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Newman Regional Health in 2025.
Incident Types NRH vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Newman Regional Health in 2025.
Incident History — NRH (X = Date, Y = Severity)
NRH cyber incidents detection timeline including parent company and subsidiaries
NRH Company Subsidiaries
Newman Regional Health is Emporia's community hospital, providing a wide range of medical, surgical, outpatient, and hospice services. Newman Regional Health is a teaching hospital and is home to the ESU Newman Division of Nursing. Owned by the people of Lyon county, Newman operates as a not-for-profit hospital, and is licensed for 190 beds. It is the fifth-largest employer in the area. “They saw the best equipped hospital in the West. They saw a beautiful building architecturally, and they saw an interior decorated with taste, altogether a thing of beauty that shall be a joy forever.” – Emporia Gazette, March 6, 1922, on the open house. Since 1922, Newman Regional Health has been a vital part of healthcare for a seven county area surrounding Emporia, Kansas. The Emporia Gazette used the Winston Churchill quote, “We live not by what we have, but by what we give,” on March 5, 1922 to describe George Newman’s generous contribution.
Loading...
NRH Similar Companies
Health Service Executive
Our purpose is to provide safe, high quality health and personal social services to the population of Ireland. Our vision is a healthier Ireland with a high quality health service valued by all. Our Workforce The health service is the largest employer in the state with over 110,000 whole time equ
OhioHealth
OhioHealth is a nationally recognized, not-for-profit, faith-based health system of more than 35,000 associates, providers and volunteers. We lead with our mission to improve the health of those we serve throughout our 16 hospitals and 200+ urgent, primary and specialty care sites spanning 50 Ohio c
Duke University Health System
As a world-class academic and health care system, Duke Health strives to transform medicine and health locally and globally through innovative scientific research, rapid translation of breakthrough discoveries, educating future clinical and scientific leaders, advocating and practicing evidence-base
RWJBarnabas Health is New Jersey’s largest and most comprehensive academic health system, caring for more than 5 million people annually. Nationally renowned for quality and safety, the system includes 14 hospitals and 9,000 affiliated physicians integrated to provide care at more than 700 patient
Texas Children's Hospital
Texas Children’s Hospital is a world-class pediatric facility, nationally recognized as a top children’s hospital, and voted one of the best places to work in Houston for nine years running. We’re committed to creating a healthy community for children by providing the best pediatric care possible, t
MultiCare Health System
MultiCare’s roots in the Pacific Northwest go back to 1882, with the founding of Tacoma’s first hospital. Over the years, we’ve grown from a Tacoma-centric, hospital-based organization into the largest, community-based, locally governed health system in the state of Washington. Today, our comprehe
Geisinger is among the nation’s leading providers of value-based care, serving 1.2 million people in urban and rural communities across Pennsylvania. Founded in 1915 by philanthropist Abigail Geisinger, the nonprofit system generates $10 billion in annual revenues across 126 care sites — including 1
CHRISTUS Health
CHRISTUS Health is a Catholic not-for-profit health care system comprising more than 600 centers, including long-term care facilities, community hospitals, walk-in clinics and health ministries. We are a community of 50,000 Associates, with over 15,000 physicians providing personalized care. Our m
Henry Ford Health
*Job seekers: please be aware of fraudulent job postings and phishing scams via LinkedIn. Henry Ford Health only contacts applicants through our human resources department and via a corporate email address. Here are some tips to be aware of: http://ow.ly/Kc0o50EKory Serving communities across Mic
.png)
NRH CyberSecurity News
August 29, 2025 07:00 AM
Newman Regional: Contractor error set off active shooter alarm
Newman Regional Health says a technical mishap triggered the facility-wide lockdown that sent law enforcement rushing to the hospital...
February 01, 2025 08:00 AM
Kansas health systems announces partnership to improve care
The University of Kansas Health System, Newman Regional Health, and LMH Health have formed a 'strategic affiliation.' It's not a merger,...
January 22, 2024 08:00 AM
Celebrating Cybersecurity Growth in Kansas
Celebrating Cybersecurity Growth in Kansas On Friday, I was at Emporia State University to celebrate the grand opening of Kansas' first...
June 24, 2022 07:00 AM
MCG Health Data Breach Impacts 8 Organizations, 793K Individuals
About 793283 individuals and at least 8 organizations were impacted by a third-party data breach stemming from MCG Health.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
NRH CyberSecurity History Information
Official Website of Newman Regional Health
The official website of Newman Regional Health is http://www.newmanrh.org.
Newman Regional Health’s AI-Generated Cybersecurity Score
According to Rankiteo, Newman Regional Health’s AI-generated cybersecurity score is 737, reflecting their Moderate security posture.
How many security badges does Newman Regional Health’ have ?
According to Rankiteo, Newman Regional Health currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Newman Regional Health have SOC 2 Type 1 certification ?
According to Rankiteo, Newman Regional Health is not certified under SOC 2 Type 1.
Does Newman Regional Health have SOC 2 Type 2 certification ?
According to Rankiteo, Newman Regional Health does not hold a SOC 2 Type 2 certification.
Does Newman Regional Health comply with GDPR ?
According to Rankiteo, Newman Regional Health is not listed as GDPR compliant.
Does Newman Regional Health have PCI DSS certification ?
According to Rankiteo, Newman Regional Health does not currently maintain PCI DSS compliance.
Does Newman Regional Health comply with HIPAA ?
According to Rankiteo, Newman Regional Health is not compliant with HIPAA regulations.
Does Newman Regional Health have ISO 27001 certification ?
According to Rankiteo,Newman Regional Health is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Newman Regional Health
Newman Regional Health operates primarily in the Hospitals and Health Care industry.
Number of Employees at Newman Regional Health
Newman Regional Health employs approximately 300 people worldwide.
Subsidiaries Owned by Newman Regional Health
Newman Regional Health presently has no subsidiaries across any sectors.
Newman Regional Health’s LinkedIn Followers
Newman Regional Health’s official LinkedIn profile has approximately 995 followers.
NAICS Classification of Newman Regional Health
Newman Regional Health is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Newman Regional Health’s Presence on Crunchbase
No, Newman Regional Health does not have a profile on Crunchbase.
Newman Regional Health’s Presence on LinkedIn
Yes, Newman Regional Health maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nrhemporia.
Cybersecurity Incidents Involving Newman Regional Health
As of December 10, 2025, Rankiteo reports that Newman Regional Health has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Newman Regional Health has an estimated 30,877 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Newman Regional Health ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Email Breach at Newman Regional Health
Description: Newman Regional Health experienced an email breach incident that compromised patient health information. An unauthorized party accessed some of its email accounts between Jan. 26, 2021, and Nov. 23, 2021. The accounts contained identifiable protected health information of patients, including names, dates of birth, medical record or other identification numbers, contact details, limited health, treatment or insurance information, employee information, and Social Security numbers. The incident was investigated after it was discovered that the breached information was misused.
Date Detected: Nov. 23, 2021
Type: Email Breach
Attack Vector: Email Account Access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Accounts.
Impact of the Incidents
What was the impact of each incident ?
Incident : Email Breach NEW213217522
Data Compromised: Names, Dates of birth, Medical record or other identification numbers, Contact details, Limited health, treatment or insurance information, Employee information, Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Health Information, Employee Information and .
Which entities were affected by each incident ?
Incident : Email Breach NEW213217522
Entity Name: Newman Regional Health
Entity Type: Healthcare
Industry: Healthcare
Location: Kansas
Data Breach Information
What type of data was compromised in each breach ?
Incident : Email Breach NEW213217522
Type of Data Compromised: Personal information, Health information, Employee information
Sensitivity of Data: High
Personally Identifiable Information: NamesDates of BirthMedical Record or Other Identification NumbersContact DetailsSocial Security Numbers
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Email Breach NEW213217522
Investigation Status: Investigated
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Email Breach NEW213217522
Entry Point: Email Accounts
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on Nov. 23, 2021.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Dates of Birth, Medical Record or Other Identification Numbers, Contact Details, Limited Health, Treatment or Insurance Information, Employee Information, Social Security Numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Employee Information, Limited Health, Treatment or Insurance Information, Names, Social Security Numbers, Contact Details, Medical Record or Other Identification Numbers and Dates of Birth.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigated.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Accounts.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=nrhemporia' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
