What is the official website of OSF HealthCare ?

The official website of OSF HealthCare is http://www.osfhealthcare.org.

What is OSF HealthCare's cybersecurity risk score?

OSF HealthCare has an AI-generated cybersecurity risk score of 658 out of 1000, indicating a Weak security posture according to Rankiteo's assessment.

How many security incidents has OSF HealthCare experienced?

According to Rankiteo, OSF HealthCare currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has OSF HealthCare been affected by any supply chain cyber incidents ?

According to Rankiteo, OSF HealthCare has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Cerner Corporation (Incident ID: OSFCEROSF1766606283) Cerner Corporation (Incident ID: CEROSF1771973986)

Does OSF HealthCare have SOC 2 Type 1 certification ?

According to Rankiteo, OSF HealthCare is not certified under SOC 2 Type 1.

Does OSF HealthCare have SOC 2 Type 2 certification ?

According to Rankiteo, OSF HealthCare does not hold a SOC 2 Type 2 certification.

Does OSF HealthCare comply with GDPR ?

According to Rankiteo, OSF HealthCare is not listed as GDPR compliant.

Does OSF HealthCare have PCI DSS certification ?

According to Rankiteo, OSF HealthCare does not currently maintain PCI DSS compliance.

Does OSF HealthCare comply with HIPAA ?

According to Rankiteo, OSF HealthCare is not compliant with HIPAA regulations.

Does OSF HealthCare have ISO 27001 certification ?

According to Rankiteo,OSF HealthCare is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does OSF HealthCare operate in ?

OSF HealthCare operates primarily in the Hospitals and Health Care industry.

How many employees does OSF HealthCare have ?

OSF HealthCare employs approximately 12,123 people worldwide.

Does OSF HealthCare own any subsidiaries ?

OSF HealthCare presently has no subsidiaries across any sectors.

How many LinkedIn followers does OSF HealthCare have ?

OSF HealthCare's official LinkedIn profile has approximately 44,750 followers.

What is the NAICS classification code for OSF HealthCare ?

OSF HealthCare is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.

Does OSF HealthCare have a Crunchbase profile ?

No, OSF HealthCare does not have a profile on Crunchbase.

Does OSF HealthCare have a LinkedIn profile ?

Yes, OSF HealthCare maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/osf-healthcare.

How many cybersecurity incidents has OSF HealthCare experienced ?

As of June 26, 2026, Rankiteo reports that OSF HealthCare has experienced 4 cybersecurity incidents.

How many peer or competitor companies does OSF HealthCare have ?

OSF HealthCare has an estimated 33,134 peer or competitor companies worldwide.

What types of cybersecurity incidents has OSF HealthCare faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Ransomware, Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

OSF HealthCare

Boost Score +25 with badge (5 left)

658

/1000

Weak

683

/1000

Weak

OSF HealthCare Vendor Cyber Rating & Cyber Score

osfhealthcare.org

Add Your Compliance Badge

OSF HealthCare is an integrated health system founded by The Sisters of the Third Order of St. Francis. Headquartered in Peoria, Illinois, OSF HealthCare has 17 hospitals – 11 acute care, five critical access and one continuing care – with 2,305 licensed beds throughout Illinois and Michigan. OSF employs more than 26,000 Mission Partners across 171 locations; has two colleges of nursing; operates OSF Home Care Services, an extensive network of home health and hospice services; owns Pointcore, Inc., comprised of health care-related businesses; OSF HealthCare Foundation, the philanthropic arm for the organization; and OSF Ventures, which provides investment capital for promising health care innovation startups. In 2020, OSF OnCall was

OSF HealthCare A.I CyberSecurity Scoring

Scoring History

OSF HealthCare

OSF HealthCare CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

OSF HealthCare

Breach

9/2025

Cerner Corporat...

OSFCEROSF176660...

OSF HealthCare

Cyber Attack

100

1/2025

Cerner Corporat...

CEROSF177197398...

OSF HealthCare

Ransomware

100

10/2021

OSF22412822

OSF HealthCare

Data Leak

05/2021

OSF19491222

Loading…

A.I.

OSF HealthCare Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for OSF HealthCare

Incidents vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for OSF HealthCare in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for OSF HealthCare in 2026.

Incident Types OSF HealthCare vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for OSF HealthCare in 2026.

Incident History - OSF HealthCare (X = Date, Y = Severity)

Loading…

SUBSIDIARY

OSF HealthCare Subsidiaries

OSF HealthCare

Hospitals and Health Care

Website: http://www.osfhealthcare.org

Company Size: 10,001+ employees

OSF InnovationHospitals and Health Care

OSF OnCall Digital HealthHospitals and Health Care

Loading…

OSF HealthCare Similar Companies

Encompass Health

encompasshealth.com

Encompass Health is the largest owner and operator of rehabilitation hospitals in the United States. With a national footprint that includes more than 170 hospitals in 39 states and Puerto Rico, the Company provides high-quality, compassionate rehabilitative care for patients recovering from a major injury or illness, using advanced technology and innovative treatments to maximize recovery. Encompass Health is ranked as one of Fortune’s 100 Best Companies to Work For and Modern Healthcare’s Best Places to Work in Healthcare.

RWJBarnabas Health

rwjbh.org

RWJBarnabas Health is New Jersey’s largest and most comprehensive academic health system, caring for more than 5 million people annually. Nationally renowned for quality and safety, the system includes 14 hospitals and 9,000 affiliated physicians integrated to provide care at more than 700 patient care locations. RWJBarnabas Health is among New Jersey’s largest private employers, with more than 44,000 employees, contributing more than $5.5 billion to the state economy every year. RWJBarnabas Health partners with its diverse communities to build and sustain a healthier New Jersey. It provides patient-centered care in a compassionate and equitable manner. RWJBarnabas Health’s commitment to enhancing access to care includes a transformative partnership with Rutgers University, including the Rutgers Cancer Institute — the state's only NCI-designated Comprehensive Cancer Center - and Rutgers Robert Wood Johnson Medical School.

OhioHealth

cb ohiohealth.com

OhioHealth is a nationally recognized, not-for-profit, faith-based health system of more than 35,000 associates, providers and volunteers. We lead with our mission to improve the health of those we serve throughout our 16 hospitals and 200+ urgent, primary and specialty care sites spanning 50 Ohio counties. Headquartered in Columbus, Ohio, we’re proud to be consistently recognized by FORTUNE as one of the “100 Best Companies to Work For” and rated a Top Hospital & Health System by Fair360 in 2024.

Select Medical

cb selectmedical.com

Select Medical made a commitment more than 20 years ago to deliver an exceptional patient care experience that promotes healing and recovery in a compassionate environment. We have honored that promise by helping define the nation's standard of excellence in specialized hospital and rehabilitative care. Today, we have grown to more than 50,000 colleagues caring for more than 82,000 patients every day across our care continuum. Select Medical is one of the largest operators of critical illness recovery hospitals, rehabilitation hospitals, outpatient rehabilitation centers and occupational health centers in the United States. Select Medical and its parent company, Select Medical Holdings Corporation (NYSE: SEM), are based in Mechanicsburg, Pennsylvania. We are honored to be recognized by Forbes as one of America’s Best-In-State Employers in Maryland, Missouri and Pennsylvania for 2021. Select Medical provides equal employment [and affirmative action] opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability. http://careers.selectmedical.com

Children's Hospital of Philadelphia

cb chop.edu

Since its start in 1855 as the nation's first hospital devoted exclusively to caring for children, The Children's Hospital of Philadelphia has been the birthplace for many dramatic firsts in pediatric medicine. The Hospital has fostered medical discoveries and innovations that have improved pediatric healthcare and saved countless children’s lives. Today, The Children's Hospital of Philadelphia is one of the leading pediatric hospitals and research facilities in the world. Our 150 years of innovation and service to our patients, their families and our community reflect an ongoing commitment to exceptional patient care, training new generations of pediatric healthcare providers and pioneering significant research initiatives.

IHH Healthcare

ihhhealthcare.com

A world-leading multinational healthcare provider, IHH believes that making a difference starts with our aspiration to Care. For Good. Our team of 70,000 people commit to deliver greater good to our patients, people, the public and our planet, as we live our purpose each day to touch lives and transform care. Through our portfolio of trusted brands – Acibadem, Fortis, Gleneagles, Island, Mount Elizabeth, Pantai, Parkway and Prince Court, – we offer our patients comprehensive and personalised care ranging from primary to quaternary, and even ancillary services such as laboratory, diagnostics, imaging and rehabilitation. With our scale and reach in 10 countries, we continue to raise the bar in healthcare in our key markets of Malaysia, Singapore, Türkiye, India, Greater China (including Hong Kong) and beyond. In partnership with our stakeholders, we will co-create a sustainable future for all as we work towards our vision to become the world’s most trusted healthcare services network.

Fresenius Medical Care

cb freseniusmedicalcare.com

Fresenius Medical Care is the world’s leading provider of products and services for individuals with renal diseases. We aim to create a future worth living for chronically and critically ill patients – worldwide and every day. Thanks to our decades of experience in dialysis, our innovative research and our value-based care approach, we can help them to enjoy the very best quality of life. Our portfolio encompasses a comprehensive range of high-quality health care products and services as well as various dialysis treatment options for both in-center and home dialysis that are individually tailored to our patients’ needs.

Ascension

ascension.org

Answering God's call to bring health, healing and hope to all. Ascension is one of the nation’s leading non-profit and Catholic health systems, with a Mission of delivering compassionate, personalized care to all, with special attention to those most vulnerable. In FY2025, Ascension provided $1.7 billion in care of persons living in poverty and other community benefit programs along with $1.8 billion of unreimbursed care for Medicare patients. Across 16 states and the District of Columbia, Ascension’s network encompasses approximately 99,000 associates, 22,300 aligned providers, 95 wholly owned or consolidated hospitals, and ownership interests in 26 additional hospitals through partnerships. Ascension also operates 30 senior living facilities and a variety of other care sites offering a range of healthcare services.

Intermountain Health

intermountainhealthcare.org

Headquartered in Utah with locations in six primary states and additional operations across the western U.S., Intermountain Health is a nonprofit system of 34 hospitals, 400+ clinics, a medical group of more than 4,800 employed physicians and advanced care providers, a health plan division called Select Health with more than one million members, and other health services. With more than 68,000 caregivers on a mission to help people live the healthiest lives possible, Intermountain is committed to improving community health, and is widely recognized as a leader in transforming healthcare. We strive to be a model health system by taking full clinical and financial accountability for the health of more people, partnering to proactively keep people well, and coordinating and providing the best possible care. At Intermountain, every caregiver helps us fulfill our mission of helping people live the healthiest lives possible. Interested in joining our team? Check out our career website and apply today at https://intermountainhealthcare.org/careers/.

Loading…

NEWS

OSF HealthCare CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 24, 2026 08:00 AM

Hospital cyberattacks grow more sophisticated as AI lowers barriers, putting patient data at risk

Largely due to AI, hospitals across northern Illinois face escalating cyberattacks, including data breaches like OSF's, and ransomware that...

Read Article

February 19, 2026 08:00 AM

OSF HealthCare Cancer in Peoria to expand to meet rising demand

Two years after opening its doors, the OSF HealthCare Cancer in Rockford is preparing for a major expansion to keep pace with rapidly...

Read Article

February 18, 2026 08:00 AM

OSF Healthcare breaks ground on new medical office in Brimfield

OSF HealthCare leaders broke ground on a new medical office building in Brimfield, which will replace the current clinic and expand access...

Read Article

December 30, 2025 08:00 AM

80 Hospitals May Have Been Affected by the Oracle Health Data Breach

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a security alert about the recently confirmed Oracle data breach.

Read Article

December 24, 2025 08:00 AM

Data breach exposes sensitive patient information across multiple OSF facilities

OSF Saint Clare Medical Center in Princeton recently notified patients that some of their personal and medical information may have been...

Read Article

December 02, 2025 08:00 AM

Vendor notebook: Forging ahead on imaging and cybersecurity AI

Companies in November announced new efforts to fine-tune foundational models to advance radiology intelligence and implement baked-in...

Read Article

December 01, 2025 08:00 AM

Tata Elxsi, University of Illinois Urbana-Champaign, and OSF HealthCare Partner to Transform Rural Healthcare Access in the United States

Tata Elxsi, a global leader in design and technology services, has partnered with the University of Illinois Urbana-Champaign and OSF...

Read Article

August 08, 2025 07:00 AM

How OSF HealthCare gained $2.6M through its clinical AI platform

OSF HealthCare has long delivered expert neurovascular care across its 18-hospital system, headquartered in Peoria, Illinois.

Read Article

July 25, 2025 07:00 AM

OSF HealthCare stacks up the wins with provider data management tech

76% of active, schedulable employed provider profiles are now well-configured, 79% of employed providers are configured with clinical...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-56785

SUMMARY

FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attackers can inject arbitrary HTML and JavaScript through these fields to execute malicious scripts in browsers of viewers including administrators, or bypass URL scheme validation to inject javascript: or data: URIs.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 8.2)

cvss3

Base Score: 8.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

cvss4

Base Score: 8.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-54588

SUMMARY

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthenticated attacker can poison the `redirect_uri` sent to the Identity Provider, causing the IdP to redirect the victim's authorization code to an attacker-controlled server - resulting in full account takeover with no credentials required. Versions 4.2.4 and 4.3.3 patch the issue.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 9.6)

cvss3

Base Score: 9.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

Impact Score

Exploitability

2.8

REFERENCES

CVE-2026-48493

SUMMARY

Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PATCH to /api/v1/users/{their_own_id} and grant themselves any permission except admin and superuser — for example `assets.view`, `assets.create`, `reports.view`, import, etc. The issue is patched in version 8.6.0.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 5.5)

cvss3

Base Score: 5.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

Impact Score

4.2

Exploitability

1.2

REFERENCES

CVE-2026-47693

SUMMARY

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-controlled data — specifically the username field — is written to exported CSV files without sanitizing formula trigger characters (=, +, -, @). When an administrator exports activity logs and opens the resulting CSV in a spreadsheet application (Microsoft Excel, LibreOffice Calc, Google Sheets), any formula stored in a username is executed by the application. This can be used for phishing attacks against administrators or data exfiltration. Versions 4.2.4 and 4.3.3 patch the issue.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 6.9)

cvss3

Base Score: 6.9

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N

Impact Score

4.7

Exploitability

1.7

REFERENCES

CVE-2026-12164

SUMMARY

Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or elevated effective permissions to users created by the tetool import command while FIM is running, particularly when the import also creates or changes roles or role-permission relationships.

Published

Date2026-06-23

Updated

Date2026-06-23

RISK INFORMATION (Score: 4.4)

cvss3

Base Score: 4.4

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Impact Score

3.6

Exploitability

0.8

REFERENCES

https://www.fortra.com/security/advisories/product-security/fi-2026-010

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…