Comparison Overview

Philz Coffee

VS

JD Sports Fashion

Philz Coffee

1258 Minnesota Street, San Francisco, CA, 94107, US
Last Update: 2025-05-06 (UTC)
Between 800 and 900
http://www.philzcoffee.com

Strong

It all started with a dream to create a really great cup of coffee personalized for you... Philz Coffee is a San Francisco-based coffee company that attracts people who are passionate - about life, about others, about the communities they live and work in...and about coffee! Our core values: Put the customer experience first Our customers are our top priority. If we put people first, we cannot fail. Be quality driven and progress focused Be proud of your work. Be committed to doing the very best with passion and focus. Be kind and keep it real We are kind-hearted, positive, humble, and human. Be yourself. Be sincere. A genuine connection will outperform formality. We make sure that every Philz is a fun, creative and vibrant workplace. A spot where you can be yourself, dress the way you want, and have flexibility in your schedule to live your best life. Most importantly, youโ€™ll be part of an environment dedicated to bettering peopleโ€™s days and building community.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 781
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

JD Sports Fashion

Hollins Brook Way, None, Bury, England, GB, BL9 8RR
Last Update: 2025-09-01 (UTC)

Excellent

Between 900 and 1000
https://careers.jdplc.com/

Founded in 1981 with a single store in the Northwest of England, JD Group has grown into a leading global omni-channel retailer in Sports Fashion, Outdoors, and Gyms. Our diverse and dedicated teams operate across a portfolio of renowned retail brands in multiple international markets. Listed on the London Stock Exchange since 1996 and a proud member of the FTSE100 since 2019, JD Group continues to expand both in the UK and globally driven by a commitment to innovation, excellence, and possibility. Our vision is to become the worldโ€™s most trusted and dynamic omni-channel retailer in the sports and outdoor industry. We welcome individuals from all backgrounds to join us in shaping this future. If you're passionate about contributing to an inclusive, people-first, and customer-centric organisation and are motivated by continuous growth and operational excellence weโ€™d love to hear from you.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 30,744
Subsidiaries: 12
12-month incidents
0
Known data breaches
2
Attack type number
2

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/philz-coffee.jpeg
Philz Coffee
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/jd-sports-fashion-plc.jpeg
JD Sports Fashion
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
Philz Coffee
100%
Compliance Rate
0/4 Standards Verified
JD Sports Fashion
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Philz Coffee in 2025.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for JD Sports Fashion in 2025.

Incident History โ€” Philz Coffee (X = Date, Y = Severity)

Philz Coffee cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” JD Sports Fashion (X = Date, Y = Severity)

JD Sports Fashion cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/philz-coffee.jpeg
Philz Coffee
Incidents

No Incident

https://images.rankiteo.com/companyimages/jd-sports-fashion-plc.jpeg
JD Sports Fashion
Incidents

Date Detected: 11/2023
Type:Breach
Blog: Blog

Date Detected: 01/2023
Type:Data Leak
Blog: Blog

Date Detected: 1/2013
Type:Breach
Attack Vector: Physical Theft
Motivation: Unknown
Blog: Blog

FAQ

JD Sports Fashion company company demonstrates a stronger AI risk posture compared to Philz Coffee company company, reflecting its advanced AI governance and monitoring frameworks.

JD Sports Fashion company has historically faced a number of disclosed cyber incidents, whereas Philz Coffee company has not reported any.

In the current year, JD Sports Fashion company and Philz Coffee company have not reported any cyber incidents.

Neither JD Sports Fashion company nor Philz Coffee company has reported experiencing a ransomware attack publicly.

JD Sports Fashion company has disclosed at least one data breach, while Philz Coffee company has not reported such incidents publicly.

Neither JD Sports Fashion company nor Philz Coffee company has reported experiencing targeted cyberattacks publicly.

Neither Philz Coffee company nor JD Sports Fashion company has reported experiencing or disclosing vulnerabilities publicly.

JD Sports Fashion company has more subsidiaries worldwide compared to Philz Coffee company.

JD Sports Fashion company employs more people globally than Philz Coffee company, reflecting its scale as a Retail.

Latest Global CVEs (Not Company-Specific)

Description

Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free, undermining the business logic of the platform and reducing the integrity of the challenge system. This issue has been patched in version 2.3.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2.2.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
References
Description

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

Published
Date
2025-09-24
Updated
Date
2025-09-24
References