Comparison Overview

Perthyn

VS

RHÖN-KLINIKUM AG

Perthyn

Swansea, Wales SA7 9FG, GB, Swansea, Wales SA7 9FG, GB
Last Update: 2025-03-08 (UTC)
Between 800 and 900
http://www.perthyn.org.uk

Strong

Perthyn is the Welsh word for “belonging”. Perthyn’s primary activity is providing support to people with learning disabilities, autism and complex health and emotional support requirements, to enable them to fulfil their maximum individual potential and live full and valued lives in their communities. We are a registered charity and company limited by guarantee which is essentially funded by the Local Authorities and Health Boards of the areas within which we operate. Perthyn was formed in 1995 and is a ‘not for profit’ charity based upon principles of delivering high quality person-centred care and support, and has consistently grown to become one of the largest and most highly-regarded charities in Wales. Perthyn has an annual turnover in excess of £20 million, employs over 550 staff, and provides support to people across Wales and England. Perthyn currently works in: Cardiff, Carmarthenshire, Pembrokeshire, Powys, Swansea, Shropshire and Nottinghamshire.

NAICS: 62
NAICS Definition:
Employees: 169
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

RHÖN-KLINIKUM AG

1 Schlossplatz, Bad Neustadt an der Saale, 97616, DE
Last Update: 2024-09-20 (UTC)

Strong

Between 800 and 900
https://www.rhoen-klinikum-ag.com/legal

Die RHÖN‐KLINIKUM AG ist einer der größten Gesundheitsdienstleister in Deutschland. Die Kliniken bieten exzellente Medizin mit direkter Anbindung zu Universitäten und Forschungseinrichtungen. An den fünf Standorten Campus Bad Neustadt, Klinikum Frankfurt (Oder), Universitätsklinikum Gießen und Universitätsklinikum Marburg (UKGM) sowie der Zentralklinik Bad Berka werden jährlich rund 855.000 Patienten behandelt. Über 18.100 Mitarbeitende sind im Unternehmen beschäftigt. Das innovative RHÖN-Campus-Konzept für eine sektorenübergreifende und zukunftsweisende Gesundheitsversorgung im ländlichen Raum, die konsequente Fortsetzung des schrittweisen digitalen Wandels im Unternehmen sowie die strategische Partnerschaft mit Asklepios sind wichtige Säulen der Unternehmensstrategie. Die RHÖN-KLINIKUM AG ist ein eigenständiges Unternehmen unter dem Dach der Asklepios Kliniken GmbH & Co. KGaA.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 308
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/perthyn.jpeg
Perthyn
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/rhön-klinikum-ag.jpeg
RHÖN-KLINIKUM AG
ISO 27001
Not verified
SOC 2
Not verified
GDPR
No public badge
PCI DSS
No public badge
Compliance Summary
Perthyn
100%
Compliance Rate
0/4 Standards Verified
RHÖN-KLINIKUM AG
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Perthyn in 2025.

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for RHÖN-KLINIKUM AG in 2025.

Incident History — Perthyn (X = Date, Y = Severity)

Perthyn cyber incidents detection timeline including parent company and subsidiaries

Incident History — RHÖN-KLINIKUM AG (X = Date, Y = Severity)

RHÖN-KLINIKUM AG cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/perthyn.jpeg
Perthyn
Incidents

No Incident

https://images.rankiteo.com/companyimages/rhön-klinikum-ag.jpeg
RHÖN-KLINIKUM AG
Incidents

No Incident

FAQ

Both Perthyn company and RHÖN-KLINIKUM AG company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

Historically, RHÖN-KLINIKUM AG company has disclosed a higher number of cyber incidents compared to Perthyn company.

In the current year, RHÖN-KLINIKUM AG company and Perthyn company have not reported any cyber incidents.

Neither RHÖN-KLINIKUM AG company nor Perthyn company has reported experiencing a ransomware attack publicly.

Neither RHÖN-KLINIKUM AG company nor Perthyn company has reported experiencing a data breach publicly.

Neither RHÖN-KLINIKUM AG company nor Perthyn company has reported experiencing targeted cyberattacks publicly.

Neither Perthyn company nor RHÖN-KLINIKUM AG company has reported experiencing or disclosing vulnerabilities publicly.

Neither Perthyn company nor RHÖN-KLINIKUM AG company has publicly disclosed detailed information about the number of their subsidiaries.

RHÖN-KLINIKUM AG company employs more people globally than Perthyn company, reflecting its scale as a Hospitals and Health Care.

Latest Global CVEs (Not Company-Specific)

Description

An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine class.

Published
Date
2025-09-25
Updated
Date
2025-09-25
References
Description

A weakness has been identified in JeecgBoot up to 3.8.2. The impacted element is an unknown function of the file /sys/role/exportXls. This manipulation causes improper authorization. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in JeecgBoot up to 3.8.2. The affected element is an unknown function of the file /sys/user/exportXls of the component Filter Handler. The manipulation results in improper authorization. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 4.0
Severity: LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in JeecgBoot up to 3.8.2. Impacted is an unknown function of the file /sys/tenant/deleteBatch. The manipulation of the argument ids leads to improper authorization. The attack is possible to be carried out remotely. The complexity of an attack is rather high. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in JeecgBoot up to 3.8.2. This issue affects some unknown processing of the file /api/getDepartUserList. Executing manipulation of the argument departId can lead to improper authorization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Published
Date
2025-09-25
Updated
Date
2025-09-25
Risk Information
cvss2
Base: 2.1
Severity: HIGH
AV:N/AC:H/Au:S/C:P/I:N/A:N
cvss3
Base: 3.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References