OAP
Company Details
Linkedin ID:
o'reilly-auto-parts
Website:
Employees number:
22,789
Number of followers:
214,405
NAICS:
43
Industry Type:
Homepage:
oreillyauto.com
IP Addresses:
24
Company ID:
O'R_2319209
Scan Status:
Completed
O'Reilly Auto Parts Company CyberSecurity Posture
oreillyauto.com
O’Reilly Auto Parts started as a single store and has grown into a leading retailer in the automotive aftermarket industry with more than 6,100 locations and counting. With more than 94,000 team members, O’Reilly has expanded into 48 states, Puerto Rico, Mexico, and Canada. O’Reilly, headquartered in Springfield, Missouri, has a deep commitment to serving our customers, community, and our team members. Our culture values make O’Reilly the best place to work and grow! Whether you're interested in running a local store, managing a distribution center, or climbing the corporate ladder, O’Reilly has a career path in which you can truly thrive. Find out what it means to Live Green at our Fortune 500 Company and come work at the O! Mission: O'Reilly Automotive intends to be the dominant supplier of auto parts in our market areas by offering our retail customers, professional installers, and jobbers the best combination of price and quality provided with the highest possible service level.
O'Reilly Auto Parts A.I CyberSecurity Scoring
OAP Risk Score (AI oriented)Between 800 and 849
OAP
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
OAP Global Score (TPRM)XXXX
OAP
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
OAP Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
OAP Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for OAP
Incidents vs Retail Industry Average (This Year)
No incidents recorded for O'Reilly Auto Parts in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for O'Reilly Auto Parts in 2025.
Incident Types OAP vs Retail Industry Avg (This Year)
No incidents recorded for O'Reilly Auto Parts in 2025.
Incident History — OAP (X = Date, Y = Severity)
OAP cyber incidents detection timeline including parent company and subsidiaries
OAP Company Subsidiaries
O’Reilly Auto Parts started as a single store and has grown into a leading retailer in the automotive aftermarket industry with more than 6,100 locations and counting. With more than 94,000 team members, O’Reilly has expanded into 48 states, Puerto Rico, Mexico, and Canada. O’Reilly, headquartered in Springfield, Missouri, has a deep commitment to serving our customers, community, and our team members. Our culture values make O’Reilly the best place to work and grow! Whether you're interested in running a local store, managing a distribution center, or climbing the corporate ladder, O’Reilly has a career path in which you can truly thrive. Find out what it means to Live Green at our Fortune 500 Company and come work at the O! Mission: O'Reilly Automotive intends to be the dominant supplier of auto parts in our market areas by offering our retail customers, professional installers, and jobbers the best combination of price and quality provided with the highest possible service level.
Loading...
OAP Similar Companies
Founded in 1992, Majid Al Futtaim is an Emirati-owned, diversified lifestyle conglomerate operating across the Middle East, Africa and Asia. The Group started from one man’s vision to transform the face of shopping, entertainment, and leisure to ‘Create Great Moments For Everyone, Everyday’. It has
CarMax revolutionized the auto industry by delivering the honest, transparent and high-integrity car buying experience customers want and deserve. This disruptive thinking has helped us become the nation’s largest retailer of used cars with more than 240 stores nationwide. And thanks to our amazing
Azadea Group
AZADEA Group is a premier lifestyle retail company that owns and operates more than 40+ leading international franchise concepts across the Middle East and Africa. With over 13,500 employees, dedicated offices in every market it operates, and world-class infrastructure, the company oversees over 700
Woolworths Supermarkets
There are over 128,000 of us across Australia. We’re in the biggest cities and the tiniest towns. We’re meal creators and digital developers. Number crunchers and fresh food deliverers. Yes, we all have many skills and wear many hats. But we’re all the same team, because we’re all Fresh Food People.
Aldi UK
Since arriving in the UK in 1990, we’ve gone on to be one of the biggest (and the highest-paying) supermarkets in the game, with a team of 45,000 colleagues who make Everyday Amazing. We've been crowned the 'Retail Employer of the Year' at the Grocer Gold Awards four times, which is a testament to
Jerónimo Martins
Founded in 1792, Jerónimo Martins is an international Group based in Portugal that operates in the food distribution and specialised retail sectors. Present in 6 countries and counting with more than 6 thousand stores, we are one of the oldest retailers in the world. We address the daily needs of
Michaels Stores
At The Michaels Companies Inc, our purpose is to fuel the joy of creativity. As the leading creative destination in North America, we operate over 1,300 stores in 49 states and Canada and online at Michaels.com and Michaels.ca. The Michaels Companies, Inc. also owns Artistree, a manufacturer of cust
Mr Price Group
Mr Price Group Limited is an omni-channel, fashion value retailer. The Group retails Apparel, Homeware and Sportsware and is one of the fastest growing retailers in South Africa. Our History: 1885 - The first John Orrs store opens 1934 - The first Hub store opens 1952 - John Orrs is listed on the J
SPAR South Africa
There’s something different about shopping at SPAR, that’s because we’ve created a culture of caring and community to ensure our customers have a consistently enjoyable shopping experience in a uniquely friendly and family orientated store. Nothing means more to us than our valued customers and we
.png)
OAP CyberSecurity News
November 08, 2025 08:00 AM
Tariffs Are Hurting DIY Car Mechanics, O'Reilly Auto Parts, AutoZone CEOs Say
Price increases from import duties and tariffs on car parts are causing DIY auto mechanics to delay some projects, according to the heads of...
November 03, 2025 08:00 AM
O’Reilly Automotive prioritizes supplier health to fight tariffs
The auto parts retailer is working closely with its partners to buffer for any potential impact, including by assessing their financial...
November 02, 2025 07:00 AM
Auto Parts Retailer Stocks Q3 Highlights: O'Reilly (NASDAQ:ORLY)
Wrapping up Q3 earnings, we look at the numbers and key takeaways for the auto parts retailer stocks, including O'Reilly (NASDAQ:ORLY) and...
October 22, 2025 07:00 AM
O'Reilly Automotive (ORLY) Q3 Earnings and Revenues Top Estimates
O'Reilly Automotive (ORLY) delivered earnings and revenue surprises of +2.41% and +0.21%, respectively, for the quarter ended September 2025...
September 26, 2025 07:00 AM
Is O'Reilly Auto Parts Stock a Buy?
Key Points. O'Reilly's stock has more than tripled in the past five years. The current valuation is very expensive from a historical...
September 20, 2025 07:00 AM
Man killed 2 auto shop employees, including teen, during fight over oil filters: police
A man shot and killed two employees at O'Reilly Auto Parts, including a teenager, during an argument about oil and oil filters, police said.
September 15, 2025 07:00 AM
Two employees shot, killed at O’Reilly Auto Parts in southwest Albuquerque following dispute over oil filter
ALBUQUERQUE, N.M. (KRQE) – A dispute over an oil filter turns deadly for two employees of an auto parts store. Two employees were shot and...
September 14, 2025 07:00 AM
O'Reilly Automotive: The '"Boring" Retailer Beating Wall Street's Hottest Stocks
This article first appeared on GuruFocus. In a market fixated on AI-driven hypergrowth and fintech upstarts, a national chain of auto parts...
September 09, 2025 07:00 AM
Silver Dollar City launches theme park transit department with O’Reilly Auto Parts
Silver Dollar City has partnered with O'Reilly Auto Parts to introduce a free themed transit service for visitors, consisting of three types...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
OAP CyberSecurity History Information
Official Website of O'Reilly Auto Parts
The official website of O'Reilly Auto Parts is https://careers.oreillyauto.com/.
O'Reilly Auto Parts’s AI-Generated Cybersecurity Score
According to Rankiteo, O'Reilly Auto Parts’s AI-generated cybersecurity score is 836, reflecting their Good security posture.
How many security badges does O'Reilly Auto Parts’ have ?
According to Rankiteo, O'Reilly Auto Parts currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does O'Reilly Auto Parts have SOC 2 Type 1 certification ?
According to Rankiteo, O'Reilly Auto Parts is not certified under SOC 2 Type 1.
Does O'Reilly Auto Parts have SOC 2 Type 2 certification ?
According to Rankiteo, O'Reilly Auto Parts does not hold a SOC 2 Type 2 certification.
Does O'Reilly Auto Parts comply with GDPR ?
According to Rankiteo, O'Reilly Auto Parts is not listed as GDPR compliant.
Does O'Reilly Auto Parts have PCI DSS certification ?
According to Rankiteo, O'Reilly Auto Parts does not currently maintain PCI DSS compliance.
Does O'Reilly Auto Parts comply with HIPAA ?
According to Rankiteo, O'Reilly Auto Parts is not compliant with HIPAA regulations.
Does O'Reilly Auto Parts have ISO 27001 certification ?
According to Rankiteo,O'Reilly Auto Parts is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of O'Reilly Auto Parts
O'Reilly Auto Parts operates primarily in the Retail industry.
Number of Employees at O'Reilly Auto Parts
O'Reilly Auto Parts employs approximately 22,789 people worldwide.
Subsidiaries Owned by O'Reilly Auto Parts
O'Reilly Auto Parts presently has no subsidiaries across any sectors.
O'Reilly Auto Parts’s LinkedIn Followers
O'Reilly Auto Parts’s official LinkedIn profile has approximately 214,405 followers.
NAICS Classification of O'Reilly Auto Parts
O'Reilly Auto Parts is classified under the NAICS code 43, which corresponds to Retail Trade.
O'Reilly Auto Parts’s Presence on Crunchbase
Yes, O'Reilly Auto Parts has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/o-reilly-auto-parts.
O'Reilly Auto Parts’s Presence on LinkedIn
Yes, O'Reilly Auto Parts maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/o'reilly-auto-parts.
Cybersecurity Incidents Involving O'Reilly Auto Parts
As of December 21, 2025, Rankiteo reports that O'Reilly Auto Parts has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
O'Reilly Auto Parts has an estimated 15,560 peer or competitor companies worldwide.
O'Reilly Auto Parts CyberSecurity History Information
How many cyber incidents has O'Reilly Auto Parts faced ?
Total Incidents: According to Rankiteo, O'Reilly Auto Parts has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at O'Reilly Auto Parts ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=o'reilly-auto-parts' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
