OCA
Company Details
Linkedin ID:
olympus
Website:
Employees number:
5,032
Number of followers:
106,993
NAICS:
3391
Industry Type:
Homepage:
olympusamerica.com
IP Addresses:
0
Company ID:
OLY_6927803
Scan Status:
In-progress
Olympus Corporation of the Americas Company CyberSecurity Posture
olympusamerica.com
At Olympus, we are committed to Our Purpose of making people’s lives healthier, safer and more fulfilling. As a global medical technology company, we partner with healthcare professionals to provide best-in-class solutions and services for early detection, diagnosis and minimally invasive treatment, aiming to improve patient outcomes by elevating the standard of care in targeted disease states. For more than 100 years, Olympus has pursued a goal of contributing to society by producing products designed with the purpose of delivering optimal outcomes for its customers around the world. Olympus Corporation of the Americas, a wholly owned subsidiary of Olympus Corporation, is headquartered in Center Valley, Pennsylvania, USA, and employs more than 4,500 employees throughout locations in North and South America.
Olympus Corporation of the Americas A.I CyberSecurity Scoring
OCA Risk Score (AI oriented)Between 700 and 749
OCA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
OCA Global Score (TPRM)XXXX
OCA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
OCA Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
Olympus Corporation of the Americas
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Office of the Attorney General reported that Olympus Corporation of the Americas experienced a data breach on October 10, 2021. The breach involved unauthorized access to systems containing personal information, including names, addresses, and Social Security numbers, although there is no evidence that the data has been improperly accessed or disclosed. The incident was reported on November 15, 2021.
Olympus Corporation of the Americas
Ransomware
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: The optical and digital reprography technology manufacturer Olympus was targeted by the BlackMatter ransomware group. The attack impacted its Europe, Middle East, and Africa servers and disrupted the operations in the areas. However, the attack was immediately contained and all data transfers in the suspected systems were suspended and servers were secured.
Olympus Medical Americas
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Olympus, a leading medical technology company was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) due to a cyberattack that hit its network in October 2021. They worked with appropriate third parties on this situation and continue to take all necessary measures to serve customers and business partners in a secure way," Olympus added. "Protecting customers and partners and maintaining their trust in us is their highest priority."
OCA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for OCA
Incidents vs Medical Equipment Manufacturing Industry Average (This Year)
No incidents recorded for Olympus Corporation of the Americas in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Olympus Corporation of the Americas in 2025.
Incident Types OCA vs Medical Equipment Manufacturing Industry Avg (This Year)
No incidents recorded for Olympus Corporation of the Americas in 2025.
Incident History — OCA (X = Date, Y = Severity)
OCA cyber incidents detection timeline including parent company and subsidiaries
OCA Company Subsidiaries
At Olympus, we are committed to Our Purpose of making people’s lives healthier, safer and more fulfilling. As a global medical technology company, we partner with healthcare professionals to provide best-in-class solutions and services for early detection, diagnosis and minimally invasive treatment, aiming to improve patient outcomes by elevating the standard of care in targeted disease states. For more than 100 years, Olympus has pursued a goal of contributing to society by producing products designed with the purpose of delivering optimal outcomes for its customers around the world. Olympus Corporation of the Americas, a wholly owned subsidiary of Olympus Corporation, is headquartered in Center Valley, Pennsylvania, USA, and employs more than 4,500 employees throughout locations in North and South America.
Loading...
OCA Similar Companies
Stryker
Stryker is a global leader in medical technologies and, together with our customers, we are driven to make healthcare better. We offer innovative products and services in MedSurg, Neurotechnology and Orthopaedics that help improve patient and healthcare outcomes. Alongside its customers around the w
Baxter International Inc.
For nearly a century, we have delivered on our commitment to saving and sustaining the lives of patients, working alongside clinicians and providers around the world. We believe every person — regardless of who they are or where they are from — deserves a chance to live a healthy life, free from ill
Alcon
Alcon helps people see brilliantly. As the global leader in eye care with a heritage spanning over 75 years, we offer the broadest portfolio of products to enhance sight and improve people’s lives. Our Surgical and Vision Care products touch the lives of more than 260 million people in over 140 coun
Medline Industries, LP
Medline is the largest provider of medical-surgical products and supply chain solutions serving all points of care. Through its unique offering of world-class products, supply chain resilience and clinical practice expertise, Medline delivers improved clinical, financial and operational outcomes. He
BD is one of the largest global medical technology companies in the world and is advancing the world of health™ by improving medical discovery, diagnostics and the delivery of care. The company supports the heroes on the frontlines of health care by developing innovative technology, services and sol
Danaher Corporation
Danaher is a leading global life sciences and diagnostics innovator, committed to accelerating the power of science and technology to improve human health. We partner with customers across the globe to help them solve their most complex challenges, architecting solutions that bring the power of scie
Edwards Lifesciences
Edwards Lifesciences (NYSE: EW), is the leading global structural heart innovation company, driven by a passion to improve patient lives. Through breakthrough technologies, world-class evidence and partnerships with clinicians and healthcare stakeholders, our employees are inspired by our patient-fo
NIPRO Corporation - Global
Headquartered in Osaka, Japan, Nipro is a global leading international player in the healthcare industry, serving healthcare professionals, pharmaceutical companies and patients directly. For over 7 decades we have been doing what we do best! Develop, manufacture and deliver high-quality medical d
Olympus Corporation
Olympus is passionate about creating customer-driven solutions for the medical industry. For more than 100 years, Olympus has focused on making people’s lives healthier, safer and more fulfilling by helping detect, prevent, and treat disease, furthering scientific research, and ensuring public safet
.png)
OCA CyberSecurity News
October 07, 2025 07:00 AM
Automotive Cybersecurity Market to Reach USD 12.6 Billion
The global automotive cybersecurity market was valued at USD 3,370 million in 2024 and is expected to reach USD 12,601.67 million by 2032,...
January 03, 2025 08:00 AM
Olympus begins CEO search after Kaufmann resignation
Stefan Kaufmann, former CEO of Tokyo-based Olympus, stepped down in October after the company investigated an allegation that the executive...
March 27, 2024 07:00 AM
Olympus Corp. of the Americas Appoints Julien Sauvagnargues CEO
Julien Sauvagnargues to the role of President and Chief Executive Officer (CEO), Olympus Corporation of the Americas (OCA), reporting to Olympus Chief Strategy...
March 21, 2023 07:00 AM
Olympus hit with 3rd FDA warning letter in 5-month span over endoscope manufacturing
After inspecting a Tokyo facility last fall, the FDA concluded that some of Olympus' devices are “adulterated” from improper manufacturing...
August 29, 2022 07:00 AM
Olympus inks $3B sale of scientific tools unit to private equity firm Bain Capital
After days of swirling speculation, Olympus finally confirmed that it has agreed to sell off its scientific solutions business to Bain...
October 20, 2021 07:00 AM
Olympus Suffered a Second Cyber Attack That Disrupted Operations in the Americas a Month After a Ransomware Incident on EMEA Networks
Olympus suffered a second cyber attack on their Americas operation a month after a suspected ransomware incident shut down its EMEA networks...
October 20, 2021 07:00 AM
Olympus US hack tied to sanctioned Russian ransomware group
The Macaw malware is linked to the U.S.-sanctioned Evil Corp.
October 12, 2021 07:00 AM
Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems
Japanese technology giant Olympus has confirmed it was hit by a cyberattack over the weekend that forced it to shut down its IT systems in the US, Canada and...
October 12, 2021 07:00 AM
Olympus US systems hit by cyberattack over the weekend
Olympus, a leading medical technology company, was forced to take down IT systems in the Americas (U.S., Canada and Latin America) following...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
OCA CyberSecurity History Information
Official Website of Olympus Corporation of the Americas
The official website of Olympus Corporation of the Americas is olympusamerica.com.
Olympus Corporation of the Americas’s AI-Generated Cybersecurity Score
According to Rankiteo, Olympus Corporation of the Americas’s AI-generated cybersecurity score is 705, reflecting their Moderate security posture.
How many security badges does Olympus Corporation of the Americas’ have ?
According to Rankiteo, Olympus Corporation of the Americas currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Olympus Corporation of the Americas have SOC 2 Type 1 certification ?
According to Rankiteo, Olympus Corporation of the Americas is not certified under SOC 2 Type 1.
Does Olympus Corporation of the Americas have SOC 2 Type 2 certification ?
According to Rankiteo, Olympus Corporation of the Americas does not hold a SOC 2 Type 2 certification.
Does Olympus Corporation of the Americas comply with GDPR ?
According to Rankiteo, Olympus Corporation of the Americas is not listed as GDPR compliant.
Does Olympus Corporation of the Americas have PCI DSS certification ?
According to Rankiteo, Olympus Corporation of the Americas does not currently maintain PCI DSS compliance.
Does Olympus Corporation of the Americas comply with HIPAA ?
According to Rankiteo, Olympus Corporation of the Americas is not compliant with HIPAA regulations.
Does Olympus Corporation of the Americas have ISO 27001 certification ?
According to Rankiteo,Olympus Corporation of the Americas is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Olympus Corporation of the Americas
Olympus Corporation of the Americas operates primarily in the Medical Equipment Manufacturing industry.
Number of Employees at Olympus Corporation of the Americas
Olympus Corporation of the Americas employs approximately 5,032 people worldwide.
Subsidiaries Owned by Olympus Corporation of the Americas
Olympus Corporation of the Americas presently has no subsidiaries across any sectors.
Olympus Corporation of the Americas’s LinkedIn Followers
Olympus Corporation of the Americas’s official LinkedIn profile has approximately 106,993 followers.
NAICS Classification of Olympus Corporation of the Americas
Olympus Corporation of the Americas is classified under the NAICS code 3391, which corresponds to Medical Equipment and Supplies Manufacturing.
Olympus Corporation of the Americas’s Presence on Crunchbase
No, Olympus Corporation of the Americas does not have a profile on Crunchbase.
Olympus Corporation of the Americas’s Presence on LinkedIn
Yes, Olympus Corporation of the Americas maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/olympus.
Cybersecurity Incidents Involving Olympus Corporation of the Americas
As of December 05, 2025, Rankiteo reports that Olympus Corporation of the Americas has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Olympus Corporation of the Americas has an estimated 5,425 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Olympus Corporation of the Americas ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack, Ransomware and Breach.
How does Olympus Corporation of the Americas detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with suspended all data transfers in the suspected systems, containment measures with secured servers, and third party assistance with appropriate third parties, and communication strategy with continue to take all necessary measures to serve customers and business partners in a secure way..
Incident Details
Can you provide details on each incident ?
Title: BlackMatter Ransomware Attack on Olympus
Description: The optical and digital reprography technology manufacturer Olympus was targeted by the BlackMatter ransomware group. The attack impacted its Europe, Middle East, and Africa servers and disrupted the operations in the areas. However, the attack was immediately contained and all data transfers in the suspected systems were suspended and servers were secured.
Type: Ransomware
Threat Actor: BlackMatter
Title: Cyberattack on Olympus Medical Technology
Description: Olympus, a leading medical technology company was forced to take down IT systems in the Americas (U.S., Canada, and Latin America) due to a cyberattack that hit its network in October 2021. They worked with appropriate third parties on this situation and continue to take all necessary measures to serve customers and business partners in a secure way. Protecting customers and partners and maintaining their trust in us is their highest priority.
Date Detected: October 2021
Type: Cyberattack
Title: Olympus Corporation of the Americas Data Breach
Description: The California Office of the Attorney General reported that Olympus Corporation of the Americas experienced a data breach on October 10, 2021. The breach involved unauthorized access to systems containing personal information, including names, addresses, and Social Security numbers, although there is no evidence that the data has been improperly accessed or disclosed. The incident was reported on November 15, 2021.
Date Detected: 2021-10-10
Date Publicly Disclosed: 2021-11-15
Type: Data Breach
Attack Vector: Unauthorized Access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware OLY15722322
Systems Affected: EuropeMiddle EastAfrica
Incident : Cyberattack OLY1611241122
Systems Affected: IT systems in the Americas (U.S., Canada, and Latin America)
Incident : Data Breach OLY550072725
Data Compromised: Names, Addresses, Social security numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Social Security Numbers and .
Which entities were affected by each incident ?
Incident : Ransomware OLY15722322
Entity Name: Olympus
Entity Type: Corporation
Industry: Optical and Digital Reprography Technology
Location: EuropeMiddle EastAfrica
Incident : Cyberattack OLY1611241122
Entity Name: Olympus
Entity Type: Medical Technology Company
Industry: Medical Technology
Location: U.S.CanadaLatin America
Incident : Data Breach OLY550072725
Entity Name: Olympus Corporation of the Americas
Entity Type: Corporation
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware OLY15722322
Containment Measures: Suspended all data transfers in the suspected systemsSecured servers
Incident : Cyberattack OLY1611241122
Third Party Assistance: Appropriate third parties
Communication Strategy: Continue to take all necessary measures to serve customers and business partners in a secure way
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Appropriate third parties.
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach OLY550072725
Type of Data Compromised: Names, Addresses, Social security numbers
Sensitivity of Data: High
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by suspended all data transfers in the suspected systems, secured servers and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware OLY15722322
Ransomware Strain: BlackMatter
References
Where can I find more information about each incident ?
Incident : Data Breach OLY550072725
Source: California Office of the Attorney General
Date Accessed: 2021-11-15
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2021-11-15.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Continue To Take All Necessary Measures To Serve Customers And Business Partners In A Secure Way.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Appropriate third parties.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an BlackMatter.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on October 2021.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-11-15.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Addresses, Social Security numbers and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident were EuropeMiddle EastAfrica and IT systems in the Americas (U.S., Canada, and Latin America).
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Appropriate third parties.
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Suspended all data transfers in the suspected systemsSecured servers.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Addresses and Social Security numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Prior to 2.0.3, Function api.ParseJSONRequest currently splits (via a call to strings.Split) an optionally-provided OID (which is untrusted data) on periods. Similarly, function api.getContentType splits the Content-Type header (which is also untrusted data) on an application string. As a result, in the face of a malicious request with either an excessively long OID in the payload containing many period characters or a malformed Content-Type header, a call to api.ParseJSONRequest or api.getContentType incurs allocations of O(n) bytes (where n stands for the length of the function's argument). This vulnerability is fixed in 2.0.3.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Monkeytype is a minimalistic and customizable typing test. In 25.49.0 and earlier, there is improper handling of user input which allows an attacker to execute malicious javascript on anyone viewing a malicious quote submission. quote.text and quote.source are user input, and they're inserted straight into the DOM. If they contain HTML tags, they will be rendered (after some escaping using quotes and textarea tags).
Risk Information
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
SysReptor is a fully customizable pentest reporting platform. Prior to 2025.102, there is a Stored Cross-Site Scripting (XSS) vulnerability allows authenticated users to execute malicious JavaScript in the context of other logged-in users by uploading malicious JavaScript files in the web UI. This vulnerability is fixed in 2025.102.
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Description
Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox._verifyBatches (packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678) advanced the local tid to whatever transition matched the current blockHash before knowing whether that batch would actually be verified. When the loop later broke (e.g., cooldown window not yet passed or transition invalidated), the function still wrote that newer tid into batches[lastVerifiedBatchId].verifiedTransitionId after decrementing batchId. Result: the last verified batch could end up pointing at a transition index from the next batch (often zeroed), corrupting the verified chain pointer.
Risk Information
cvss4
Base: 8.0
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. Affected is the function getById/updateAddress/deleteAddress of the file /mall-ums/app-api/v1/addresses/. Executing manipulation can lead to improper control of dynamically-identified variables. The attack can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=olympus' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
