Comparison Overview

Parkland Corporation

VS

YPF

Parkland Corporation

240 4 Ave SW, Calgary, Alberta, T2P 4H4, CA
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.parkland.ca

Strong

As an employer, we offer tremendous career opportunities to people who love to solve problems and build scalable, efficient solutions that drive our continued growth. Careers at Parkland span diverse geographies, areas of specialization and expertise. If you thrive in high-growth environments and are searching for an opportunity to put your skills, talents, and passion to work – we encourage you to regularly visit our careers page at Power Your Journey at Parkland - Parkland. Parkland is a high-growth global business with operations in 25 countries. From humble beginnings in the 1960’s, we have grown to become a leading convenience store business and supplier, marketer and retailer of fuel and related products. Our almost 6,000 employees are focused on advancing our purpose, which is to Power Journeys and Energize Communities. Our business includes 3,200 retail service stations which stretch coast to coast in Canada, across many states in the U.S., and 23 countries in the Caribbean region. While you may not recognize the Parkland name, you are likely among the over one million customers per day who transact with our consumer and commercial brands. In Canada, 85 percent of the population live within 15-minutes of a Parkland location. We are playing a leadership role in the energy transition by providing our customers with the mobility and essential products they depend on, but with lower carbon intensity. Our Refinery was the first in North America to use existing infrastructure to manufacture renewable fuels, while our soon to be launched Ultra-fast Electric Vehicle charging network is positioned to meet emerging demand in British Columbia.

NAICS: 211
NAICS Definition: Oil and Gas Extraction
Employees: 2,465
Subsidiaries: 6
12-month incidents
0
Known data breaches
0
Attack type number
1

YPF

Macacha Guemes 515, Capital Federal, Buenos Aires, ., AR
Last Update: 2025-03-05 (UTC)

Strong

Between 800 and 900
http://www.ypf.com

En YPF, tenemos un Plan 4x4 para convertirnos en una compañía de clase mundial y lograr transformarnos en grandes exportadores de hidrocarburos. Nuestros cuatro pilares son: la aceleración de la producción de petróleo en Vaca Muerta, el activo más importante que tiene nuestro país; la disciplina financiera en la gestión de inversiones; la búsqueda de las eficiencias operativas en los negocios, y la concreción del proyecto de GNL en Argentina. Invertimos en grandes proyectos de producción y exploración, transformación energética, industrialización y en el desarrollo de ductos para transportar la producción. Trabajamos por los combustibles del futuro y de calidad internacional. Buscamos constantemente innovación y nuevas tecnologías. Ponemos mucho esfuerzo para multiplicar nuestro potencial energético y seguir desarrollando la industria. Energía a la altura de tu energía. #YPFENERGÍAARGENTINA.

NAICS: 211
NAICS Definition:
Employees: 27,131
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/parkland-fuel-corporation.jpeg
Parkland Corporation
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/ypf-s-a-.jpeg
YPF
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
Compliance Summary
Parkland Corporation
100%
Compliance Rate
0/4 Standards Verified
YPF
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for Parkland Corporation in 2025.

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for YPF in 2025.

Incident History — Parkland Corporation (X = Date, Y = Severity)

Parkland Corporation cyber incidents detection timeline including parent company and subsidiaries

Incident History — YPF (X = Date, Y = Severity)

YPF cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/parkland-fuel-corporation.jpeg
Parkland Corporation
Incidents

Date Detected: 11/2020
Type:Ransomware
Motivation: Financial Gain
Blog: Blog
https://images.rankiteo.com/companyimages/ypf-s-a-.jpeg
YPF
Incidents

No Incident

FAQ

Both Parkland Corporation company and YPF company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Parkland Corporation company has historically faced a number of disclosed cyber incidents, whereas YPF company has not reported any.

In the current year, YPF company and Parkland Corporation company have not reported any cyber incidents.

Parkland Corporation company has confirmed experiencing a ransomware attack, while YPF company has not reported such incidents publicly.

Neither YPF company nor Parkland Corporation company has reported experiencing a data breach publicly.

Neither YPF company nor Parkland Corporation company has reported experiencing targeted cyberattacks publicly.

Neither Parkland Corporation company nor YPF company has reported experiencing or disclosing vulnerabilities publicly.

Parkland Corporation company has more subsidiaries worldwide compared to YPF company.

YPF company employs more people globally than Parkland Corporation company, reflecting its scale as a Oil and Gas.

Latest Global CVEs (Not Company-Specific)

Description

Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs (jwt.decode) without verifying their signatures. Both the email verification token login path and the password reset server action use the same validator, which does not check the token’s signature, expiration, issuer, or audience. If an attacker learns the victim’s actual user.id, they can craft an arbitrary JWT with an alg: "none" header and use it to authenticate and reset the victim’s password. This issue has been patched in version 4.0.1.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
References
Description

Apollo Studio Embeddable Explorer & Embeddable Sandbox are website embeddable software solutions from Apollo GraphQL. Prior to Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3, a cross-site request forgery (CSRF) vulnerability was identified. The vulnerability arises from missing origin validation in the client-side code that handles window.postMessage events. A malicious website can send forged messages to the embedding page, causing the victim’s browser to execute arbitrary GraphQL queries or mutations against their GraphQL server while authenticated with the victim’s cookies. This issue has been patched in Apollo Sandbox version 2.7.2 and Apollo Explorer version 3.7.3.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
References
Description

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /consulta-dispensas. Such manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /module/Api/aluno. This manipulation of the argument aluno_id causes improper authorization. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 6.5
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in Tencent WeKnora 0.1.0. This impacts the function testEmbeddingModel of the file /api/v1/initialization/embedding/test. The manipulation of the argument baseUrl results in server-side request forgery. The attack can be launched remotely. The exploit has been released to the public and may be exploited. It is advisable to upgrade the affected component. The vendor responds: "We have confirmed that the issue mentioned in the report does not exist in the latest releases".

Published
Date
2025-09-26
Updated
Date
2025-09-26
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References