Comparison Overview

Planned Parenthood Los Angeles

VS

Highmark Health

Planned Parenthood Los Angeles

We're Here!, Los Angeles, CA, US, 90007
Last Update: 2025-12-27
View Profile
Between 650 and 699
http://www.plannedparenthood.org/los-angeles/

The mission of Planned Parenthood Los Angeles is to provide convenient and affordable access to a comprehensive range of quality reproductive health care and sexual health information, through patient services, education and advocacy. Planned Parenthood Los Angeles operates 24 community-based health centers throughout Los Angeles County, stretching from Santa Monica to Pomona, and from Long Beach to Palmdale. Our health care professionals listen carefully to each patient while providing high quality health care and medically accurate education. Each year, we provide more than 260,000 patient visits, including birth control, STI testing and treatment, cancer screenings, and abortion. Planned Parenthood Los Angeles serves patients regardless of their ability to pay or insurance coverage. 69% of our patients live at or below the federal poverty line.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 291
Subsidiaries: 0
12-month incidents
0
Known data breaches
1
Attack type number
2
View Profile

Highmark Health

120 5th Ave, None, Pittsburgh, Pennsylvania, US, None
Last Update: 2025-12-25
Between 700 and 749
http://www.highmarkhealth.org

A national blended health organization, Highmark Health and our leading businesses support millions of customers with products, services and solutions closely aligned to our mission of creating remarkable health experiences, freeing people to be their best. Headquartered in Pittsburgh, we're regionally focused in Pennsylvania, Delaware, West Virginia and New York, with customers in all 50 states and the District of Columbia. We passionately serve individual consumers and fellow businesses alike. Our companies cover a diversified spectrum of essential health-related needs, including health insurance, health care delivery, population health management, dental solutions, reinsurance solutions, and innovative technology solutions. Our financial position reflects strength and stability, with our year-end 2024 consolidated revenues totaling $29.4 billion. We’re also proud to carry forth an important legacy of compassionate care and philanthropy that began more than 170 years ago. This tradition of giving back, reinvesting and ensuring that our communities remain strong and healthy is deeply embedded in our culture, informing our decisions every day.

NAICS: 62
NAICS Definition: Health Care and Social Assistance
Employees: 15,287
Subsidiaries: 13
12-month incidents
0
Known data breaches
2
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/planned-parenthood-los-angeles.jpeg
Planned Parenthood Los Angeles
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/highmark-health.jpeg
Highmark Health
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Planned Parenthood Los Angeles
100%
Compliance Rate
0/4 Standards Verified
Highmark Health
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Planned Parenthood Los Angeles in 2025.

Incidents vs Hospitals and Health Care Industry Average (This Year)

No incidents recorded for Highmark Health in 2025.

Incident History — Planned Parenthood Los Angeles (X = Date, Y = Severity)

Planned Parenthood Los Angeles cyber incidents detection timeline including parent company and subsidiaries

Incident History — Highmark Health (X = Date, Y = Severity)

Highmark Health cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/planned-parenthood-los-angeles.jpeg
Planned Parenthood Los Angeles
Incidents

Date Detected: 10/2021
Type:Breach
Attack Vector: Malware
Blog: Blog

Date Detected: 2/2020
Type:Ransomware
Blog: Blog
https://images.rankiteo.com/companyimages/highmark-health.jpeg
Highmark Health
Incidents

Date Detected: 06/2023
Type:Data Leak
Attack Vector: Account Takeover
Motivation: Financial Gain
Blog: Blog

Date Detected: 12/2022
Type:Breach
Attack Vector: External Hacking
Blog: Blog

Date Detected: 12/2022
Type:Cyber Attack
Attack Vector: Phishing
Blog: Blog

FAQ

Highmark Health company demonstrates a stronger AI Cybersecurity Score compared to Planned Parenthood Los Angeles company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Highmark Health company has faced a higher number of disclosed cyber incidents historically compared to Planned Parenthood Los Angeles company.

In the current year, Highmark Health company and Planned Parenthood Los Angeles company have not reported any cyber incidents.

Planned Parenthood Los Angeles company has confirmed experiencing a ransomware attack, while Highmark Health company has not reported such incidents publicly.

Both Highmark Health company and Planned Parenthood Los Angeles company have disclosed experiencing at least one data breach.

Highmark Health company has reported targeted cyberattacks, while Planned Parenthood Los Angeles company has not reported such incidents publicly.

Neither Planned Parenthood Los Angeles company nor Highmark Health company has reported experiencing or disclosing vulnerabilities publicly.

Neither Planned Parenthood Los Angeles nor Highmark Health holds any compliance certifications.

Neither company holds any compliance certifications.

Highmark Health company has more subsidiaries worldwide compared to Planned Parenthood Los Angeles company.

Highmark Health company employs more people globally than Planned Parenthood Los Angeles company, reflecting its scale as a Hospitals and Health Care.

Neither Planned Parenthood Los Angeles nor Highmark Health holds SOC 2 Type 1 certification.

Neither Planned Parenthood Los Angeles nor Highmark Health holds SOC 2 Type 2 certification.

Neither Planned Parenthood Los Angeles nor Highmark Health holds ISO 27001 certification.

Neither Planned Parenthood Los Angeles nor Highmark Health holds PCI DSS certification.

Neither Planned Parenthood Los Angeles nor Highmark Health holds HIPAA certification.

Neither Planned Parenthood Los Angeles nor Highmark Health holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.

Published
Date
2025-12-27
Updated
Date
2025-12-27
Risk Information
cvss3
Base: 5.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
References
Description

A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the component Backend. Such manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.

Published
Date
2025-12-27
Updated
Date
2025-12-27
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.

Published
Date
2025-12-27
Updated
Date
2025-12-27
Risk Information
cvss4
Base: 8.2
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.

Published
Date
2025-12-27
Updated
Date
2025-12-27
Risk Information
cvss3
Base: 6.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
References
Description

In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.

Published
Date
2025-12-27
Updated
Date
2025-12-27
Risk Information
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References