SBI
Company Details
Linkedin ID:
smile-brands-inc.
Website:
Employees number:
3,386
Number of followers:
22,242
NAICS:
62
Industry Type:
Homepage:
smilebrands.com
IP Addresses:
0
Company ID:
SMI_2489265
Scan Status:
In-progress
Smile Brands Inc. Company CyberSecurity Posture
smilebrands.com
It all starts with a smile. Smile Brands has built a rewarding culture around Smiles for Everyone™. The simple idea that every interaction is an opportunity to create happiness. The result is happier doctors, happier team members, and happier patients. Employees repeatedly vote Smile Brands as one of the nation’s best places to work. Patients recommend their experiences to family and friends. Partner doctors rave about the support and peace of mind they receive from a Smile Brands transition. When everyone wins, everyone smiles.
Smile Brands Inc. A.I CyberSecurity Scoring
SBI Risk Score (AI oriented)Between 700 and 749
SBI
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SBI Global Score (TPRM)XXXX
SBI
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SBI Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Smile Brands Inc.
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: Smile Brands suffered a data breach incident after it was targeted in a ransomware attack in June 2021. The incident compromised certain protected health information (PHI) of 2,592,494 individuals to an unauthorized third-party. The compromised information included the patients’ names, addresses, telephone numbers, Social Security numbers, dates of birth, health insurance information and/or diagnosis information.
Smile Brands Inc.
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: On April 24, 2021, Smile Brands Inc. experienced a **ransomware attack** that resulted in a significant data breach, as reported by the California Office of the Attorney General on September 3, 2021. The incident compromised **protected health information (PHI)**, exposing sensitive personal details of an unspecified number of individuals. The leaked data included **names, addresses, Social Security numbers, and health insurance information**, all of which are highly sensitive and regulated under privacy laws.The breach posed severe risks to affected individuals, including potential **identity theft, financial fraud, and unauthorized access to medical records**. Given the nature of the exposed data—particularly **Social Security numbers and health insurance details**—the attack had far-reaching consequences for both customers and the organization. The involvement of **ransomware** further escalated the severity, as it indicated malicious intent to encrypt and potentially exfiltrate data for extortion.The incident underscored vulnerabilities in Smile Brands Inc.’s cybersecurity defenses, raising concerns about compliance with **healthcare data protection regulations** (e.g., HIPAA) and the company’s ability to safeguard patient information. The breach not only jeopardized customer trust but also exposed the organization to **legal liabilities, regulatory fines, and reputational damage**.
SBI Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SBI
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Smile Brands Inc. in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Smile Brands Inc. in 2025.
Incident Types SBI vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Smile Brands Inc. in 2025.
Incident History — SBI (X = Date, Y = Severity)
SBI cyber incidents detection timeline including parent company and subsidiaries
SBI Company Subsidiaries
It all starts with a smile. Smile Brands has built a rewarding culture around Smiles for Everyone™. The simple idea that every interaction is an opportunity to create happiness. The result is happier doctors, happier team members, and happier patients. Employees repeatedly vote Smile Brands as one of the nation’s best places to work. Patients recommend their experiences to family and friends. Partner doctors rave about the support and peace of mind they receive from a Smile Brands transition. When everyone wins, everyone smiles.
Loading...
SBI Similar Companies
Wellstar Health System
At Wellstar Health System, our mission is to enhance the health and well-being of every person we serve. Nationally ranked and locally recognized for our high-quality care, inclusive culture and world-class doctors and caregivers, Wellstar is one of the largest, most integrated healthcare systems in
A national blended health organization, Highmark Health and our leading businesses support millions of customers with products, services and solutions closely aligned to our mission of creating remarkable health experiences, freeing people to be their best. Headquartered in Pittsburgh, we're region
Geisinger is among the nation’s leading providers of value-based care, serving 1.2 million people in urban and rural communities across Pennsylvania. Founded in 1915 by philanthropist Abigail Geisinger, the nonprofit system generates $10 billion in annual revenues across 126 care sites — including 1
UMass Memorial Health
UMass Memorial Health is the health and wellness partner of the people of Central Massachusetts. Through pain and pandemics, our commitment to our communities never wanes. We use knowledge and innovation to create breakthrough medicine, to create jobs, and to make life better for those we serve. We
Mercy Health
At Mercy Health, we understand that every family is a universe. A network of people who love, and support, and count on one other to be there. Everybody means the world to someone and we are committed to care for others so they can be there for the ones they love. With nearly 35,000 employees across
Amsterdam UMC
At Amsterdam UMC, more than 15,000 professionals strive to provide good and accessible care. For the generations of today and tomorrow. The two medical university centers in Amsterdam, AMC and VUmc, are working together towards a future in which we prevent illnesses and make the best treatment avail
For more than 100 years, Children’s Healthcare of Atlanta has depended on clinical and nonclinical employees to help make kids better today and healthier tomorrow. Consistently ranked as one of the leading pediatric healthcare systems in the country by U.S. News & World Report, Children’s is the onl
The University of Texas Medical Branch
ABOUT THE UNIVERSITY OF TEXAS MEDICAL BRANCH: Texas' first academic health center opened its doors in 1891 and today has four campuses, five health sciences schools, six institutes for advanced study, a research enterprise that includes one of only two national laboratories dedicated to the safe stu
Centene Corporation
Centene Corporation is a leading healthcare enterprise committed to helping people live healthier lives. Centene offers affordable and high-quality products to more than 1 in 15 individuals across the nation, including Medicaid and Medicare members (including Medicare Prescription Drug Plans) as wel
.png)
SBI CyberSecurity News
April 26, 2024 07:00 AM
Settlement checks in the mail for Freedom Financial, Ford, Optimum, others
Top Class Actions readers received payments of up to $3600 from settlements with Freedom Financial, 20/20 Eye Care Network, Smile Brands and...
October 10, 2023 07:00 AM
Smile Brands data breach class action settlement
Smile Brands agreed to a class action lawsuit settlement to resolve claims that it failed to prevent a 2021 data breach.
April 29, 2022 07:00 AM
Smile Brands Updates Breach Information, 2.6M Affected
New information about a 2021 data breach at Smile Brands revealed that the incident potentially impacted nearly 2.6 million individuals.
April 26, 2022 07:00 AM
Breach update shows 2.6M individuals affected by Smile Brands data theft
A follow-up notice from Smile Brands about its 2021 ransomware attack and that initially reported 199683 patients being affected leads this...
August 18, 2016 07:00 AM
Gryphon Investors Acquires Smile Brands From Welsh Carson
Welsh Carson Anderson & Stowe-backed Smile Brands Group Inc. is returning to the hands of Gryphon Investors, which previously owned the company from 1998 to...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SBI CyberSecurity History Information
Official Website of Smile Brands Inc.
The official website of Smile Brands Inc. is https://smilebrands.com.
Smile Brands Inc.’s AI-Generated Cybersecurity Score
According to Rankiteo, Smile Brands Inc.’s AI-generated cybersecurity score is 704, reflecting their Moderate security posture.
How many security badges does Smile Brands Inc.’ have ?
According to Rankiteo, Smile Brands Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Smile Brands Inc. have SOC 2 Type 1 certification ?
According to Rankiteo, Smile Brands Inc. is not certified under SOC 2 Type 1.
Does Smile Brands Inc. have SOC 2 Type 2 certification ?
According to Rankiteo, Smile Brands Inc. does not hold a SOC 2 Type 2 certification.
Does Smile Brands Inc. comply with GDPR ?
According to Rankiteo, Smile Brands Inc. is not listed as GDPR compliant.
Does Smile Brands Inc. have PCI DSS certification ?
According to Rankiteo, Smile Brands Inc. does not currently maintain PCI DSS compliance.
Does Smile Brands Inc. comply with HIPAA ?
According to Rankiteo, Smile Brands Inc. is not compliant with HIPAA regulations.
Does Smile Brands Inc. have ISO 27001 certification ?
According to Rankiteo,Smile Brands Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Smile Brands Inc.
Smile Brands Inc. operates primarily in the Hospitals and Health Care industry.
Number of Employees at Smile Brands Inc.
Smile Brands Inc. employs approximately 3,386 people worldwide.
Subsidiaries Owned by Smile Brands Inc.
Smile Brands Inc. presently has no subsidiaries across any sectors.
Smile Brands Inc.’s LinkedIn Followers
Smile Brands Inc.’s official LinkedIn profile has approximately 22,242 followers.
NAICS Classification of Smile Brands Inc.
Smile Brands Inc. is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Smile Brands Inc.’s Presence on Crunchbase
Yes, Smile Brands Inc. has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/bright-now-dental.
Smile Brands Inc.’s Presence on LinkedIn
Yes, Smile Brands Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/smile-brands-inc..
Cybersecurity Incidents Involving Smile Brands Inc.
As of December 06, 2025, Rankiteo reports that Smile Brands Inc. has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Smile Brands Inc. has an estimated 30,533 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Smile Brands Inc. ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Ransomware.
Incident Details
Can you provide details on each incident ?
Title: Smile Brands Data Breach
Description: Smile Brands suffered a data breach incident after it was targeted in a ransomware attack in June 2021. The incident compromised certain protected health information (PHI) of 2,592,494 individuals to an unauthorized third-party. The compromised information included the patients’ names, addresses, telephone numbers, Social Security numbers, dates of birth, health insurance information and/or diagnosis information.
Date Detected: June 2021
Type: Data Breach, Ransomware Attack
Title: Smile Brands Inc. Ransomware Attack and Data Breach
Description: The California Office of the Attorney General reported a data breach involving Smile Brands Inc. on September 3, 2021. The breach, which occurred on April 24, 2021, was identified as a ransomware attack affecting protected health information (PHI), including names, addresses, Social Security numbers, and health insurance information for an unspecified number of individuals.
Date Detected: 2021-04-24
Date Publicly Disclosed: 2021-09-03
Type: ransomware attack, data breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach, Ransomware Attack SMI31424522
Data Compromised: Names, Addresses, Telephone numbers, Social security numbers, Dates of birth, Health insurance information, Diagnosis information
Incident : ransomware attack, data breach SMI514082925
Data Compromised: Names, Addresses, Social security numbers, Health insurance information
Identity Theft Risk: high (PHI and SSNs exposed)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Phi, , Protected Health Information (Phi), Personally Identifiable Information (Pii) and .
Which entities were affected by each incident ?
Incident : Data Breach, Ransomware Attack SMI31424522
Entity Name: Smile Brands
Entity Type: Company
Industry: Healthcare
Customers Affected: 2592494
Incident : ransomware attack, data breach SMI514082925
Entity Name: Smile Brands Inc.
Entity Type: private company
Industry: healthcare (dental services)
Location: California, USA
Customers Affected: unspecified
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach, Ransomware Attack SMI31424522
Type of Data Compromised: Phi
Number of Records Exposed: 2592494
Sensitivity of Data: High
Personally Identifiable Information: namesaddressestelephone numbersSocial Security numbersdates of birthhealth insurance informationdiagnosis information
Incident : ransomware attack, data breach SMI514082925
Type of Data Compromised: Protected health information (phi), Personally identifiable information (pii)
Number of Records Exposed: unspecified
Sensitivity of Data: high (includes SSNs and health insurance details)
Personally Identifiable Information: namesaddressesSocial Security numbers
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach, Ransomware Attack SMI31424522
Data Exfiltration: True
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : ransomware attack, data breach SMI514082925
Regulations Violated: HIPAA (likely, due to PHI exposure), California Consumer Privacy Act (CCPA),
Regulatory Notifications: California Office of the Attorney General
References
Where can I find more information about each incident ?
Incident : ransomware attack, data breach SMI514082925
Source: California Office of the Attorney General
Date Accessed: 2021-09-03
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2021-09-03.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on June 2021.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-09-03.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, telephone numbers, Social Security numbers, dates of birth, health insurance information, diagnosis information, , names, addresses, Social Security numbers, health insurance information and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Social Security numbers, addresses, names, dates of birth, health insurance information, telephone numbers and diagnosis information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 512.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to 1.10.4, some of HedgeDoc's OAuth2 endpoints for social login providers such as Google, GitHub, GitLab, Facebook or Dropbox lack CSRF protection, since they don't send a state parameter and verify the response using this parameter. This vulnerability is fixed in 1.10.4.
Risk Information
cvss3
Base: 3.7
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
Description
Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.
Risk Information
cvss4
Base: 9.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0. This vulnerability affects the function OtherEmbedding.aencode of the file /src/models/embed.py. Performing manipulation of the argument health_url results in server-side request forgery. The attack can be initiated remotely. The exploit is now public and may be used. The patch is named 0ff771dc1933d5a6b78f804115e78a7d8625c3f3. To fix this issue, it is recommended to deploy a patch. The vendor responded with a vulnerability confirmation and a list of security measures they have established already (e.g. disabled URL parsing, disabled URL upload mode, removed URL-to-markdown conversion).
Risk Information
cvss2
Base: 5.8
Severity: LOW
AV:N/AC:L/Au:M/C:P/I:P/A:P
cvss3
Base: 4.7
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 5.1
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: "This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected."
Risk Information
cvss2
Base: 5.1
Severity: HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:P
cvss3
Base: 5.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
cvss4
Base: 2.3
Severity: HIGH
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=smile-brands-inc.' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
