SHN
Company Details
Linkedin ID:
selecthealthnetwork
Employees number:
32
Number of followers:
170
NAICS:
62
Industry Type:
Homepage:
selecthealthnetwork.com
IP Addresses:
0
Company ID:
SEL_5649229
Scan Status:
In-progress
Select Health Network Company CyberSecurity Posture
selecthealthnetwork.com
Select Health Network is a Physician Hospital Organization which began operations in 1994 and provides a comprehensive physician network in St. Joseph and Marshall Counties, Indiana. In total, Select Health Network offers access to over 770 providers including specialists, primary care physicians and mid-level providers.
Select Health Network A.I CyberSecurity Scoring
SHN Risk Score (AI oriented)Between 750 and 799
SHN
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SHN Global Score (TPRM)XXXX
SHN
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SHN Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Select Health Network
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Select Health Network, a healthcare service provider suffered a data security incident that impacted the privacy of personal information for current or former members of its plans. Investigation revealed that Select Health's employee email account was accessed by an unknown actor from May 22, 2019, to June 13, 2019. The compromised email account exposed personal information like Name, Address, Date of Birth, Member ID Number, Treating/Referring Physician, Health Insurance Information, Medical History Information, Treatment Information, Treatment Cost Information, Health Insurance Policy Number, and Medical Record Number. For a limited number of individuals, Social Security number. Select Health notified potentially affected individuals by posting a notification on its website, and by mailing letters to potentially affected individuals.
SHN Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SHN
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Select Health Network in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Select Health Network in 2025.
Incident Types SHN vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Select Health Network in 2025.
Incident History — SHN (X = Date, Y = Severity)
SHN cyber incidents detection timeline including parent company and subsidiaries
SHN Company Subsidiaries
Select Health Network is a Physician Hospital Organization which began operations in 1994 and provides a comprehensive physician network in St. Joseph and Marshall Counties, Indiana. In total, Select Health Network offers access to over 770 providers including specialists, primary care physicians and mid-level providers.
Loading...
SHN Similar Companies
Since its start in 1855 as the nation's first hospital devoted exclusively to caring for children, The Children's Hospital of Philadelphia has been the birthplace for many dramatic firsts in pediatric medicine. The Hospital has fostered medical discoveries and innovations that have improved pediatri
UHS
One of the nation’s largest and most respected providers of hospital and healthcare services, Universal Health Services, Inc. (NYSE: UHS) has built an impressive record of achievement and performance, growing since its inception into a Fortune 300 corporation. Headquartered in King of Prussia, PA, U
OhioHealth
OhioHealth is a nationally recognized, not-for-profit, faith-based health system of more than 35,000 associates, providers and volunteers. We lead with our mission to improve the health of those we serve throughout our 16 hospitals and 200+ urgent, primary and specialty care sites spanning 50 Ohio c
Prisma Health is the largest not-for-profit health organization in South Carolina, serving more than 1.2 million patients annually. Our facilities in the Greenville and Columbia surrounding markets are dedicated to improving the health of all South Carolinians through improved clinical quality, acce
SSM Health is a Catholic, not-for-profit, fully integrated health system dedicated to advancing innovative, sustainable, and compassionate care for patients and communities throughout the Midwest and beyond. The organization’s 40,000 team members and 13,900 providers are committed to fulfilling SSM
Mercy Health
At Mercy Health, we understand that every family is a universe. A network of people who love, and support, and count on one other to be there. Everybody means the world to someone and we are committed to care for others so they can be there for the ones they love. With nearly 35,000 employees across
Care You Can Count On Whether you are searching for your next career opportunity or looking for care for yourself or a family member, you’ll find what you need at Scripps. Founded in 1924 by philanthropist Ellen Browning Scripps, Scripps is a non-profit integrated health care delivery system based
Rochester Regional Health
Rochester Regional Health, headquartered in Rochester, NY, is an integrated health services organization serving the people of Western New York, the Finger Lakes, St. Lawrence County, and beyond. We are dedicated to helping our community stay healthy and live fulfilling lives. Together, we find the
VCU Health
We are a strong, passionate team of more than 12,500 who take pride in caring for every person who comes through our doors. We lift each other up so we can provide the very best and safest care to those who need us most. Together. Every day. With the support of our university, we make up an acade
.png)
SHN CyberSecurity News
Loading...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SHN CyberSecurity History Information
Official Website of Select Health Network
The official website of Select Health Network is https://www.selecthealthnetwork.com/.
Select Health Network’s AI-Generated Cybersecurity Score
According to Rankiteo, Select Health Network’s AI-generated cybersecurity score is 750, reflecting their Fair security posture.
How many security badges does Select Health Network’ have ?
According to Rankiteo, Select Health Network currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Select Health Network have SOC 2 Type 1 certification ?
According to Rankiteo, Select Health Network is not certified under SOC 2 Type 1.
Does Select Health Network have SOC 2 Type 2 certification ?
According to Rankiteo, Select Health Network does not hold a SOC 2 Type 2 certification.
Does Select Health Network comply with GDPR ?
According to Rankiteo, Select Health Network is not listed as GDPR compliant.
Does Select Health Network have PCI DSS certification ?
According to Rankiteo, Select Health Network does not currently maintain PCI DSS compliance.
Does Select Health Network comply with HIPAA ?
According to Rankiteo, Select Health Network is not compliant with HIPAA regulations.
Does Select Health Network have ISO 27001 certification ?
According to Rankiteo,Select Health Network is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Select Health Network
Select Health Network operates primarily in the Hospitals and Health Care industry.
Number of Employees at Select Health Network
Select Health Network employs approximately 32 people worldwide.
Subsidiaries Owned by Select Health Network
Select Health Network presently has no subsidiaries across any sectors.
Select Health Network’s LinkedIn Followers
Select Health Network’s official LinkedIn profile has approximately 170 followers.
NAICS Classification of Select Health Network
Select Health Network is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Select Health Network’s Presence on Crunchbase
No, Select Health Network does not have a profile on Crunchbase.
Select Health Network’s Presence on LinkedIn
Yes, Select Health Network maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/selecthealthnetwork.
Cybersecurity Incidents Involving Select Health Network
As of December 28, 2025, Rankiteo reports that Select Health Network has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Select Health Network has an estimated 31,370 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Select Health Network ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
How does Select Health Network detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with posting a notification on its website, communication strategy with mailing letters to potentially affected individuals..
Incident Details
Can you provide details on each incident ?
Title: Data Security Incident at Select Health Network
Description: Select Health Network, a healthcare service provider, suffered a data security incident that impacted the privacy of personal information for current or former members of its plans. Investigation revealed that Select Health's employee email account was accessed by an unknown actor from May 22, 2019, to June 13, 2019. The compromised email account exposed personal information like Name, Address, Date of Birth, Member ID Number, Treating/Referring Physician, Health Insurance Information, Medical History Information, Treatment Information, Treatment Cost Information, Health Insurance Policy Number, and Medical Record Number. For a limited number of individuals, Social Security number.
Type: Data Breach
Attack Vector: Email Account Compromise
Vulnerability Exploited: Compromised Email Account
Threat Actor: Unknown Actor
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email Account.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SEL1436722
Data Compromised: Name, Address, Date of birth, Member id number, Treating/referring physician, Health insurance information, Medical history information, Treatment information, Treatment cost information, Health insurance policy number, Medical record number, Social security number
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Health Information and .
Which entities were affected by each incident ?
Incident : Data Breach SEL1436722
Entity Name: Select Health Network
Entity Type: Healthcare Service Provider
Industry: Healthcare
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach SEL1436722
Communication Strategy: Posting a notification on its websiteMailing letters to potentially affected individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SEL1436722
Type of Data Compromised: Personal information, Health information
Sensitivity of Data: High
Personally Identifiable Information: Social Security Number
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Posting A Notification On Its Website and Mailing Letters To Potentially Affected Individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach SEL1436722
Entry Point: Email Account
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Unknown Actor.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Name, Address, Date of Birth, Member ID Number, Treating/Referring Physician, Health Insurance Information, Medical History Information, Treatment Information, Treatment Cost Information, Health Insurance Policy Number, Medical Record Number, Social Security Number and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Health Insurance Information, Health Insurance Policy Number, Name, Treatment Cost Information, Date of Birth, Address, Social Security Number, Treatment Information, Medical Record Number, Treating/Referring Physician, Member ID Number and Medical History Information.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email Account.
.png)
Latest Global CVEs (Not Company-Specific)
Description
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of \f as a marker to denote truncation of a long plaintext line.
Risk Information
cvss3
Base: 5.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
Description
A vulnerability has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. Affected is the function Upload of the file Admin/Home/Controller/ProductImageController.class.php of the component Backend. Such manipulation of the argument File leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence (such as \x99) in a prepared statement parameter may cause the quoting function PQescapeStringConn to return NULL, leading to a null pointer dereference in pdo_parse_params() function. This may lead to crashes (segmentation fault) and affect the availability of the target server.
Risk Information
cvss4
Base: 8.2
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, a heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE, due to an integer overflow in the precomputation of element counts using zend_hash_num_elements(). This may lead to memory corruption or crashes and affect the integrity and availability of the target server.
Risk Information
cvss3
Base: 6.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Description
In PHP versions:8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, the getimagesize() function may leak uninitialized heap memory into the APPn segments (e.g., APP1) when reading images in multi-chunk mode (such as via php://filter). This occurs due to a bug in php_read_stream_all_chunks() that overwrites the buffer without advancing the pointer, leaving tail bytes uninitialized. This may lead to information disclosure of sensitive heap data and affect the confidentiality of the target server.
Risk Information
cvss4
Base: 6.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=selecthealthnetwork' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
