OHIL
Company Details
Linkedin ID:
oraclemed
Website:
Employees number:
39
Number of followers:
4,872
NAICS:
62
Industry Type:
Homepage:
oraclemed.com
IP Addresses:
0
Company ID:
ORA_9499423
Scan Status:
In-progress
OracleMed Health Investments (Pty) Ltd Company CyberSecurity Posture
oraclemed.com
Established in 2001, OracleMed Health has been providing flexible International Health Insurance Products across Africa for almost 20 years. We have built a team of professionals drawn from a broad range of disciplines including medical specialists and healthcare practitioners, which brings a wealth of technical expertise thus ensuring long term sustainability with excellent value in benefit design structure and pricing. Our multinational team mirrors the cultural diversity of our clients, combining a wide range of language skills with an extensive knowledge of regional structures. The scale of our operations with our intimate knowledge of the healthcare environment, together with our regional representation throughout Africa, provides peace of mind to our policy holders. (FSP 52390)
OracleMed Health Investments (Pty) Ltd A.I CyberSecurity Scoring
OHIL Risk Score (AI oriented)Between 600 and 649
OHIL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
OHIL Global Score (TPRM)XXXX
OHIL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
OHIL Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Columbia Medical Practice: Columbia Medical Practice Data Breach Lawsuit Investigation
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Columbia Medical Practice Hit by Qilin Ransomware Attack, Exposing Sensitive Data of 3,000 Patients Columbia Medical Practice, a multi-specialty healthcare provider based in Howard County, Maryland, suffered a ransomware attack on November 5, 2025, orchestrated by the Qilin ransomware group. The attackers infiltrated the organization’s network, encrypted files, and exfiltrated sensitive patient data before publicly claiming responsibility on the dark web on November 24, 2025. The breach was officially reported to the U.S. Department of Health and Human Services (HHS) on December 5, 2025, affecting approximately 3,000 individuals. Exposed information included personally identifiable data (names, addresses, Social Security numbers, driver’s license and passport details), health records (diagnoses, treatment history, prescription details, and physician assignments), and financial and insurance data (account numbers, insurance IDs, and payment information). Columbia Medical Practice, which operates under a Patient-Centered Medical Home (PCMH) model, has established a toll-free assistance line (1-833-974-3375) for affected individuals. The law firm Shamis & Gentile P.A. is investigating potential legal claims for those impacted, citing possible compensation for damages such as identity theft or financial losses. The incident underscores the growing threat of ransomware attacks targeting healthcare providers and the exposure of highly sensitive patient data.
OHIL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for OHIL
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for OracleMed Health Investments (Pty) Ltd in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for OracleMed Health Investments (Pty) Ltd in 2026.
Incident Types OHIL vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for OracleMed Health Investments (Pty) Ltd in 2026.
Incident History — OHIL (X = Date, Y = Severity)
OHIL cyber incidents detection timeline including parent company and subsidiaries
OHIL Company Subsidiaries
Established in 2001, OracleMed Health has been providing flexible International Health Insurance Products across Africa for almost 20 years. We have built a team of professionals drawn from a broad range of disciplines including medical specialists and healthcare practitioners, which brings a wealth of technical expertise thus ensuring long term sustainability with excellent value in benefit design structure and pricing. Our multinational team mirrors the cultural diversity of our clients, combining a wide range of language skills with an extensive knowledge of regional structures. The scale of our operations with our intimate knowledge of the healthcare environment, together with our regional representation throughout Africa, provides peace of mind to our policy holders. (FSP 52390)
Loading...
OHIL Similar Companies
CVS Health
CVS Health is the leading health solutions company, delivering care like no one else can. We reach more people and improve the health of communities across America through our local presence, digital channels and over 300,000 dedicated colleagues. Wherever and whenever people need us, we help them
Amil
A Amil é uma empresa do setor de saúde que atua no Brasil combinando expertise e liderança para coordenar todos os agentes desse mercado - criando relações sustentáveis para conhecer e atender às necessidades de cada cliente e permitir que ele aproveite o melhor da vida. Diariamente, nos preocupamo
Provincial Health Services Authority
Canada's first provincial health services authority. Provincial Health Services Authority (PHSA) is one of six health authorities – the other five health authorities serve geographic regions of BC. PHSA's primary role is to ensure that BC residents have access to a coordinated network of high-quali
Encompass Health
Encompass Health is the largest owner and operator of rehabilitation hospitals in the United States. With a national footprint that includes more than 170 hospitals in 39 states and Puerto Rico, the Company provides high-quality, compassionate rehabilitative care for patients recovering from a major
Johns Hopkins Medicine
Johns Hopkins Medicine is a governing structure for the University’s School of Medicine and the health system, coordinating their research, teaching, patient care, and related enterprises. The Johns Hopkins Hospital opened in 1889, followed four years later by the university’s School of Medicine
Jefferson Health
Thomas Jefferson University and Thomas Jefferson University Hospitals are partners in providing excellent clinical and compassionate care for our patients in the Philadelphia region, educating the health professionals of tomorrow in a variety of disciplines and discovering new knowledge that will de
One of the largest Trusts in the UK, Guy’s and St Thomas’ NHS Foundation Trust comprises five of the UK’s best known hospitals – Guy’s, St Thomas’, Evelina London Children’s Hospital, Royal Brompton and Harefield – as well as community services in Lambeth and Southwark, all with a long history of hi
UMass Memorial Health
UMass Memorial Health is the health and wellness partner of the people of Central Massachusetts. Through pain and pandemics, our commitment to our communities never wanes. We use knowledge and innovation to create breakthrough medicine, to create jobs, and to make life better for those we serve. We
Providence
Every day, 119,000 compassionate caregivers serve patients and communities through Providence St. Joseph Health, a national, Catholic, not-for-profit health system, driven by a belief that health is a human right. Rooted in the founding missions of the Sisters of Providence and the Sisters of St.
.png)
OHIL CyberSecurity News
January 24, 2026 07:00 PM
🔒 What is a VPN Portal- Learn why VPN portals are important for online security #VPNPortal #VPNSecurity #FreeVPNRisks #ssl #vpn #VPNSafety #VPNDisadvantages #VPNAndroid #CyberSecurity #OnlineSafety
January 24, 2026 02:52 PM
Germany news: Berlin vows aggressive cybersecurity stance
Berlin promises to take down bad cyber actors and a new report prompts questions of whether police should carry Tasers to keep them from...
January 24, 2026 01:45 PM
CrowdStrike (NASDAQ: CRWD) Stock Price Prediction and Forecast 2025-2030 (Feb 2025)
A U.S. judge recently dismissed a shareholder lawsuit that accused cybersecurity company CrowdStrike Holdings Inc. (NASDAQ: CRWD) of making...
January 24, 2026 11:30 AM
AgweekTV Full Show: Disappearing topsoil, bull genetics, virtual fencing, cybersecurity in ag
Disappearing topsoil is a big problem for land and bottom line. Expert advice for picking the best bull genetics. Keeping cattle right where...
January 24, 2026 10:46 AM
2026 CISO AI Risk Report
Introduction. Many security leaders didn't authorize AI expansion. It happened around them. Someone plugged in a copilot in a SaaS tool or...
January 24, 2026 10:00 AM
National Cyber Security Summit: Cybersecurity a strategic business risk
It's been a busy time for New Zealand's National Cyber Security Centre as it takes an unprecedentedly proactive posture to cyber threats.
January 24, 2026 09:48 AM
Data Deletion: Why Erasing Your Information Matters More Than Ever
Data deletion is a great way to reduce your digital footprint and lower the risk of cybercrime – here's a guide to deleting your data...
January 24, 2026 09:08 AM
Why Cybersecurity Works Better When Defenders Share Data
This post is also available in: עברית (Hebrew). Organizations are increasingly expected to share data across corporate boundaries, yet cybersecurity risks...
January 24, 2026 08:32 AM
Why AI is exposing the limits of automated security decision-making
When cybercriminals are designing ways to deliver malware, hiding payloads within files remains one of the most common and, for them,...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
OHIL CyberSecurity History Information
Official Website of OracleMed Health Investments (Pty) Ltd
The official website of OracleMed Health Investments (Pty) Ltd is https://http://www.oraclemed.com.
OracleMed Health Investments (Pty) Ltd’s AI-Generated Cybersecurity Score
According to Rankiteo, OracleMed Health Investments (Pty) Ltd’s AI-generated cybersecurity score is 635, reflecting their Poor security posture.
How many security badges does OracleMed Health Investments (Pty) Ltd’ have ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has OracleMed Health Investments (Pty) Ltd been affected by any supply chain cyber incidents ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd has been affected by a supply chain cyber incident involving OracleMed Health Investments (Pty) Ltd, with the incident ID COL1769038385.
Does OracleMed Health Investments (Pty) Ltd have SOC 2 Type 1 certification ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd is not certified under SOC 2 Type 1.
Does OracleMed Health Investments (Pty) Ltd have SOC 2 Type 2 certification ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd does not hold a SOC 2 Type 2 certification.
Does OracleMed Health Investments (Pty) Ltd comply with GDPR ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd is not listed as GDPR compliant.
Does OracleMed Health Investments (Pty) Ltd have PCI DSS certification ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd does not currently maintain PCI DSS compliance.
Does OracleMed Health Investments (Pty) Ltd comply with HIPAA ?
According to Rankiteo, OracleMed Health Investments (Pty) Ltd is not compliant with HIPAA regulations.
Does OracleMed Health Investments (Pty) Ltd have ISO 27001 certification ?
According to Rankiteo,OracleMed Health Investments (Pty) Ltd is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of OracleMed Health Investments (Pty) Ltd
OracleMed Health Investments (Pty) Ltd operates primarily in the Hospitals and Health Care industry.
Number of Employees at OracleMed Health Investments (Pty) Ltd
OracleMed Health Investments (Pty) Ltd employs approximately 39 people worldwide.
Subsidiaries Owned by OracleMed Health Investments (Pty) Ltd
OracleMed Health Investments (Pty) Ltd presently has no subsidiaries across any sectors.
OracleMed Health Investments (Pty) Ltd’s LinkedIn Followers
OracleMed Health Investments (Pty) Ltd’s official LinkedIn profile has approximately 4,872 followers.
NAICS Classification of OracleMed Health Investments (Pty) Ltd
OracleMed Health Investments (Pty) Ltd is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
OracleMed Health Investments (Pty) Ltd’s Presence on Crunchbase
No, OracleMed Health Investments (Pty) Ltd does not have a profile on Crunchbase.
OracleMed Health Investments (Pty) Ltd’s Presence on LinkedIn
Yes, OracleMed Health Investments (Pty) Ltd maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/oraclemed.
Cybersecurity Incidents Involving OracleMed Health Investments (Pty) Ltd
As of January 24, 2026, Rankiteo reports that OracleMed Health Investments (Pty) Ltd has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
OracleMed Health Investments (Pty) Ltd has an estimated 31,617 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at OracleMed Health Investments (Pty) Ltd ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does OracleMed Health Investments (Pty) Ltd detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with established a toll-free assistance line (1-833-974-3375) for affected individuals..
Incident Details
Can you provide details on each incident ?
Title: Columbia Medical Practice Hit by Qilin Ransomware Attack, Exposing Sensitive Data of 3,000 Patients
Description: Columbia Medical Practice, a multi-specialty healthcare provider based in Howard County, Maryland, suffered a ransomware attack on November 5, 2025, orchestrated by the Qilin ransomware group. The attackers infiltrated the organization’s network, encrypted files, and exfiltrated sensitive patient data before publicly claiming responsibility on the dark web on November 24, 2025. The breach was officially reported to the U.S. Department of Health and Human Services (HHS) on December 5, 2025, affecting approximately 3,000 individuals.
Date Detected: 2025-11-05
Date Publicly Disclosed: 2025-11-24
Type: Ransomware
Threat Actor: Qilin ransomware group
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware COL1769038385
Data Compromised: Personally identifiable data, health records, financial and insurance data
Identity Theft Risk: Yes
Payment Information Risk: Yes
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information, Health Records, Financial And Insurance Data and .
Which entities were affected by each incident ?
Incident : Ransomware COL1769038385
Entity Name: Columbia Medical Practice
Entity Type: Healthcare Provider
Industry: Healthcare
Location: Howard County, Maryland, USA
Customers Affected: 3000
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware COL1769038385
Communication Strategy: Established a toll-free assistance line (1-833-974-3375) for affected individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware COL1769038385
Type of Data Compromised: Personally identifiable information, Health records, Financial and insurance data
Number of Records Exposed: 3000
Sensitivity of Data: High
Data Exfiltration: Yes
Data Encryption: Yes
Personally Identifiable Information: NamesAddressesSocial Security numbersDriver’s license detailsPassport details
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware COL1769038385
Ransomware Strain: Qilin
Data Encryption: Yes
Data Exfiltration: Yes
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware COL1769038385
Regulations Violated: HIPAA,
Legal Actions: Potential legal claims being investigated by Shamis & Gentile P.A.
Regulatory Notifications: Reported to U.S. Department of Health and Human Services (HHS) on December 5, 2025
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Potential legal claims being investigated by Shamis & Gentile P.A..
References
Where can I find more information about each incident ?
Incident : Ransomware COL1769038385
Source: Incident report
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Incident report.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Established a toll-free assistance line (1-833-974-3375) for affected individuals.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Ransomware COL1769038385
Customer Advisories: Toll-free assistance line (1-833-974-3375) established for affected individuals
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Toll-free assistance line (1-833-974-3375) established for affected individuals.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Qilin ransomware group.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2025-11-05.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-11-24.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personally identifiable data, health records and financial and insurance data.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personally identifiable data, health records and financial and insurance data.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 300.0.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Potential legal claims being investigated by Shamis & Gentile P.A..
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Incident report.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Toll-free assistance line (1-833-974-3375) established for affected individuals.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
Description
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
Description
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=oraclemed' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
