Comparison Overview

SC Johnson Lifestyle Brands

VS

EssilorLuxottica

SC Johnson Lifestyle Brands

631 Howard St, San Francisco, California, 94105, US
Last Update: 2025-03-16 (UTC)
Between 900 and 1000
https://jobs.scjohnson.com/lifestyle

Excellent

SC Johnson Lifestyle Brands (the LSB) is a growing house of like-minded brands under the SC Johnson umbrella including method, Mrs. Meyerโ€™s Clean Day, babyganics and Ecover. Headquartered in San Francisco with additional operations in Chicago and throughout Europe, the LSB is home to 650 employees. Together we act as a force for bold, transformative growth with a focus on delivering positive impact for people and the planet. At the LSB we imagine the world that we want, then set out to create it. We do things differently, because weโ€™re out to make a difference. If youโ€™re into pioneering the future and doing good while doing business, come join us. The LSB is part of SC Johnson, a family-owned company and leading manufacturer of household cleaning, home storage, air care, pest control and shoe care products, as well as professional products. Originally founded in 1886 and headquartered in Wisconsin, U.S.A., SC Johnson and the Lifestyle Brands division are at work for a better world.

NAICS: 339
NAICS Definition:
Employees: 521
Subsidiaries: 4
12-month incidents
0
Known data breaches
0
Attack type number
0

EssilorLuxottica

1-6, Rue Paul Cรฉzanne, None, Paris, None, FR, None
Last Update: 2025-07-16 (UTC)

Excellent

Between 900 and 1000
https://www.essilorluxottica.com

We are EssilorLuxottica, a global leader in the design, manufacture and distribution of ophthalmic lenses, frames and sunglasses. Formed in 2018 by the combination of Essilor and Luxottica, our Company combines two centuries of innovation and human endeavour to elevate vision care and the consumer experience around it. We are home to the most loved and widely-recognized vision care and eyewear brands in the world. Our proprietary eyewear brands include Ray-Ban, Oakley, Costa, Vogue Eyewear, Persol and Oliver Peoples, complemented by over 20 prestigious licensed brands. Our advanced lens technologies include Varilux, Crizal, Eyezen, Stellest and Transitions. We offer superior shopping and patient experiences with a network of 18,000 stores including world-class retail brands like Sunglass Hut, LensCrafters, Salmoiraghi & Viganรฒ and GrandVision. Every day, EssilorLuxotticaโ€™s more than 190,000 employees in 150 countries work towards a common mission to help people see more and be more. In 2021, the Companyโ€™s milestones included a collaboration with Meta to launch Ray-Ban Stories smart glasses; the acquisition of GrandVision bringing 39,000 new employees into our family; expansion of our International Employee Shareholding community, and the launch of Eyes on the Planet, our strategic approach to sustainability.

NAICS: 30
NAICS Definition: Manufacturing
Employees: 79,782
Subsidiaries: 34
12-month incidents
0
Known data breaches
4
Attack type number
3

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/scj-lifestyle-brands.jpeg
SC Johnson Lifestyle Brands
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/essilorluxottica.jpeg
EssilorLuxottica
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
SC Johnson Lifestyle Brands
100%
Compliance Rate
0/4 Standards Verified
EssilorLuxottica
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Manufacturing Industry Average (This Year)

No incidents recorded for SC Johnson Lifestyle Brands in 2025.

Incidents vs Manufacturing Industry Average (This Year)

No incidents recorded for EssilorLuxottica in 2025.

Incident History โ€” SC Johnson Lifestyle Brands (X = Date, Y = Severity)

SC Johnson Lifestyle Brands cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” EssilorLuxottica (X = Date, Y = Severity)

EssilorLuxottica cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/scj-lifestyle-brands.jpeg
SC Johnson Lifestyle Brands
Incidents

No Incident

https://images.rankiteo.com/companyimages/essilorluxottica.jpeg
EssilorLuxottica
Incidents

Date Detected: 05/2023
Type:Breach
Blog: Blog

Date Detected: 10/2020
Type:Ransomware
Attack Vector: Unknown
Motivation: Financial
Blog: Blog

Date Detected: 8/2020
Type:Cyber Attack
Blog: Blog

FAQ

Both SC Johnson Lifestyle Brands company and EssilorLuxottica company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

EssilorLuxottica company has historically faced a number of disclosed cyber incidents, whereas SC Johnson Lifestyle Brands company has not reported any.

In the current year, EssilorLuxottica company and SC Johnson Lifestyle Brands company have not reported any cyber incidents.

EssilorLuxottica company has confirmed experiencing a ransomware attack, while SC Johnson Lifestyle Brands company has not reported such incidents publicly.

EssilorLuxottica company has disclosed at least one data breach, while SC Johnson Lifestyle Brands company has not reported such incidents publicly.

EssilorLuxottica company has reported targeted cyberattacks, while SC Johnson Lifestyle Brands company has not reported such incidents publicly.

Neither SC Johnson Lifestyle Brands company nor EssilorLuxottica company has reported experiencing or disclosing vulnerabilities publicly.

EssilorLuxottica company has more subsidiaries worldwide compared to SC Johnson Lifestyle Brands company.

EssilorLuxottica company employs more people globally than SC Johnson Lifestyle Brands company, reflecting its scale as a Manufacturing.

Latest Global CVEs (Not Company-Specific)

Description

Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Malicious code was inserted into the Nx (build system) package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 9.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In versions from 2.1.0 to before 2.3.0, the API endpoint GET /api/problems/:id returns challenge hints in plaintext within the question object, regardless of whether the user has unlocked them via point deduction. Users can view all hints for free, undermining the business logic of the platform and reducing the integrity of the challenge system. This issue has been patched in version 2.3.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References
Description

Flag Forge is a Capture The Flag (CTF) platform. In version 2.1.0, the /api/admin/assign-badge endpoint lacks proper access control, allowing any authenticated user to assign high-privilege badges (e.g., Staff) to themselves. This could lead to privilege escalation and impersonation of administrative roles. This issue has been patched in version 2.2.0.

Published
Date
2025-09-24
Updated
Date
2025-09-24
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
References
Description

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence.

Published
Date
2025-09-24
Updated
Date
2025-09-24
References