OM
Company Details
Linkedin ID:
owens-minor
Website:
Employees number:
12,925
Number of followers:
173,315
NAICS:
62
Industry Type:
Homepage:
owens-minor.com
IP Addresses:
0
Company ID:
OWE_3394818
Scan Status:
In-progress
Owens & Minor Company CyberSecurity Posture
owens-minor.com
Owens & Minor, Inc. (NYSE: OMI) is a Fortune 500 global healthcare solutions company providing essential products and services that support care from the hospital to the home. For over 100 years, Owens & Minor and its affiliated brands, Apria® , Byram®, and HALYARD*, have helped to make each day better for the patients, providers, and communities we serve. Powered by more than 20,000 teammates worldwide, Owens & Minor delivers comfort and confidence behind the scenes so healthcare stays at the forefront. Owens & Minor exists because every day, everywhere, Life Takes Care™.
Owens & Minor A.I CyberSecurity Scoring
OM Risk Score (AI oriented)Between 750 and 799
OM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
OM Global Score (TPRM)XXXX
OM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
OM Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Gloves Holdings, LP
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Vermont Office of the Attorney General reported a data breach involving Gloves Holdings, LP on November 5, 2024. The breach occurred on September 12, 2024, when an unauthorized actor accessed the company's network and obtained copies of certain files, exposing at least one file with individuals' names, Social Security numbers, and/or driver’s license numbers.
OM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for OM
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Owens & Minor in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Owens & Minor in 2025.
Incident Types OM vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Owens & Minor in 2025.
Incident History — OM (X = Date, Y = Severity)
OM cyber incidents detection timeline including parent company and subsidiaries
OM Company Subsidiaries
Owens & Minor, Inc. (NYSE: OMI) is a Fortune 500 global healthcare solutions company providing essential products and services that support care from the hospital to the home. For over 100 years, Owens & Minor and its affiliated brands, Apria® , Byram®, and HALYARD*, have helped to make each day better for the patients, providers, and communities we serve. Powered by more than 20,000 teammates worldwide, Owens & Minor delivers comfort and confidence behind the scenes so healthcare stays at the forefront. Owens & Minor exists because every day, everywhere, Life Takes Care™.
Loading...
OM Similar Companies
Mayo Clinic has expanded and changed in many ways, but our values remain true to the vision of our founders. Our primary value – The needs of the patient come first – guides our plans and decisions as we create the future of health care. Join us and you'll find a culture of teamwork, professionalism
Fairview Health Services
Fairview Health Services is Minnesota’s choice for healthcare. We’re an industry-leading, award-winning, nonprofit offering a full network of healthcare services. Our broad network is designed to be ready for our patients’ every need, while delivering quality care with compassion. Our care portfoli
Guy's and St Thomas' NHS Foundation Trust
One of the largest Trusts in the UK, Guy’s and St Thomas’ NHS Foundation Trust comprises five of the UK’s best known hospitals – Guy’s, St Thomas’, Evelina London Children’s Hospital, Royal Brompton and Harefield – as well as community services in Lambeth and Southwark, all with a long history of hi
Cleveland Clinic, located in Cleveland, Ohio, is a not-for-profit, multispecialty academic medical center that integrates clinical and hospital care with research and education. Founded in 1921 by four renowned physicians with a vision of providing outstanding patient care based upon the principl
Apollo Hospitals
Driven by the vision of its Chairman, Dr. Prathap C. Reddy, the Apollo Hospitals Group pioneered corporate healthcare in India. Apollo revolutionized healthcare when Dr Prathap Reddy opened the first hospital in Chennai in 1983. Today Apollo is the world’s largest integrated healthcare platform wit
Philips
Over the past decade we have transformed into a focused leader in health technology. At Philips, our purpose is to improve people’s health and well-being through meaningful innovation. We aim to improve 2.5 billion lives per year by 2030, including 400 million in underserved communities. We see h
Providence
Every day, 119,000 compassionate caregivers serve patients and communities through Providence St. Joseph Health, a national, Catholic, not-for-profit health system, driven by a belief that health is a human right. Rooted in the founding missions of the Sisters of Providence and the Sisters of St.
Atrium Health
Atrium Health, part of Advocate Health, is redefining how, when and where care is delivered. We are rethinking methods of care delivery to reach more people and bringing human kindness to every step of their health journey. Our dedication to elevating health care for every individual, every teammate
Keralty
Anteriormente Organización Sanitas Internacional, Keralty es un grupo empresarial de valor en salud, con más de 40 años de experiencia conformado por empresas de aseguramiento y prestación de servicios de salud y una red propia hospitalaria y asistencial. También forman parte de Keralty institucion
.png)
OM CyberSecurity News
December 01, 2025 05:11 PM
Candace Owens net worth in 2025: Podcast earnings, career, Charlie Kirk controversy and more
US Streamers News: Candace Owens, a prominent American commentator, is making headlines in 2025 due to her substantial net worth of $5...
December 01, 2025 04:03 PM
Bernard P. Owens Obituary (2025) - Rome, NY - Barry Funeral Home - Rome
Bernard Owens Obituary With heavy hearts and immense gratitude for his life, we announce the passing of Bernard P. Owens on November 21, 2025,...
December 01, 2025 03:41 PM
Candace Owens Fires Back With Shocking Challenge to TPUSA Pastor | WATCH
Candace Owens is hitting back after a TPUSA Faith pastor publicly labeled her “evil” and “demonic” during a viral event.
December 01, 2025 03:28 PM
Barrett Owens is the next KTBS 3 Minute Smile winner
SHREVEPORT, La. - The fifth 2025 KTBS 3 Minute Smile winner of the season has been selected. 8-year-old Barrett Owens from Shreveport, Louisiana will get to...
December 01, 2025 02:38 PM
Simone Biles overlooks Jonathan Owens' celebration confusion and sends him a clear message
Simone Biles was once again in the stands supporting her husband, Chicago Bears safety Jonathan Owens, during the team's latest game and...
December 01, 2025 12:47 PM
Meet snooker's ‘tiniest prodigy’ as two-year-old gets UK Championship walk-out
LUKE LITTLER took the darts world by storm when he made a name for himself at the age of 16 - but snooker has an even younger talent waiting...
December 01, 2025 11:30 AM
Candace Owens' Macron Assassination Claim Falls Apart as Officials, Experts and Fact-Checkers Find Zero Proof
Candace Owens faces backlash after accusing France's Macron of plotting her assassination, despite no evidence and firm official denials.
December 01, 2025 11:25 AM
Can Owens Corning’s (OC) Commitment to Expansion Outweigh Soft Roofing Demand in the Long Run?
In recent weeks, analysts revised their outlook on Owens Corning as expectations of weak demand and inventory destocking weighed on future...
December 01, 2025 09:29 AM
Charlie Kirk Killing Fuels Antisemitic Claims as Candace Owens Faces New Scrutiny
Candace Owens faces heavy criticism as Charlie Kirk's killing becomes a flashpoint for antisemitic conspiracies that wrongly link Israel and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
OM CyberSecurity History Information
Official Website of Owens & Minor
The official website of Owens & Minor is http://owens-minor.com.
Owens & Minor’s AI-Generated Cybersecurity Score
According to Rankiteo, Owens & Minor’s AI-generated cybersecurity score is 759, reflecting their Fair security posture.
How many security badges does Owens & Minor’ have ?
According to Rankiteo, Owens & Minor currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Owens & Minor have SOC 2 Type 1 certification ?
According to Rankiteo, Owens & Minor is not certified under SOC 2 Type 1.
Does Owens & Minor have SOC 2 Type 2 certification ?
According to Rankiteo, Owens & Minor does not hold a SOC 2 Type 2 certification.
Does Owens & Minor comply with GDPR ?
According to Rankiteo, Owens & Minor is not listed as GDPR compliant.
Does Owens & Minor have PCI DSS certification ?
According to Rankiteo, Owens & Minor does not currently maintain PCI DSS compliance.
Does Owens & Minor comply with HIPAA ?
According to Rankiteo, Owens & Minor is not compliant with HIPAA regulations.
Does Owens & Minor have ISO 27001 certification ?
According to Rankiteo,Owens & Minor is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Owens & Minor
Owens & Minor operates primarily in the Hospitals and Health Care industry.
Number of Employees at Owens & Minor
Owens & Minor employs approximately 12,925 people worldwide.
Subsidiaries Owned by Owens & Minor
Owens & Minor presently has no subsidiaries across any sectors.
Owens & Minor’s LinkedIn Followers
Owens & Minor’s official LinkedIn profile has approximately 173,315 followers.
NAICS Classification of Owens & Minor
Owens & Minor is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Owens & Minor’s Presence on Crunchbase
No, Owens & Minor does not have a profile on Crunchbase.
Owens & Minor’s Presence on LinkedIn
Yes, Owens & Minor maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/owens-minor.
Cybersecurity Incidents Involving Owens & Minor
As of December 02, 2025, Rankiteo reports that Owens & Minor has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Owens & Minor has an estimated 30,196 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Owens & Minor ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Gloves Holdings, LP
Description: The Vermont Office of the Attorney General reported a data breach involving Gloves Holdings, LP on November 5, 2024. The breach occurred on September 12, 2024, when an unauthorized actor accessed the company's network and obtained copies of certain files, exposing at least one file with individuals' names, Social Security numbers, and/or driver’s license numbers.
Date Detected: 2024-09-12
Date Publicly Disclosed: 2024-11-05
Type: Data Breach
Threat Actor: Unauthorized Actor
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach HAL741072525
Data Compromised: Individuals' names, Social security numbers, Driver’s license numbers
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Individuals' Names, Social Security Numbers, Driver’S License Numbers and .
Which entities were affected by each incident ?
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach HAL741072525
Type of Data Compromised: Individuals' names, Social security numbers, Driver’s license numbers
Sensitivity of Data: High
References
Where can I find more information about each incident ?
Incident : Data Breach HAL741072525
Source: Vermont Office of the Attorney General
Date Accessed: 2024-11-05
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Vermont Office of the Attorney GeneralDate Accessed: 2024-11-05.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unauthorized Actor.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2024-09-12.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-11-05.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Individuals' names, Social Security numbers, Driver’s license numbers and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Driver’s license numbers, Individuals' names and Social Security numbers.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Vermont Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 3.3
Severity: LOW
AV:N/AC:L/Au:M/C:N/I:P/A:N
cvss3
Base: 2.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
By providing a command-line argument starting with a semi-colon ; to an API endpoint created by the EnhancedCommandExecutor class of the HexStrike AI MCP server, the resultant composed command is executed directly in the context of the MCP server’s normal privilege; typically, this is root. There is no attempt to sanitize these arguments in the default configuration of this MCP server at the affected version (as of commit 2f3a5512 in September of 2025).
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
A weakness has been identified in winston-dsouza Ecommerce-Website up to 87734c043269baac0b4cfe9664784462138b1b2e. Affected by this issue is some unknown functionality of the file /includes/header_menu.php of the component GET Parameter Handler. Executing manipulation of the argument Error can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=owens-minor' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
