SBL
Company Details
Linkedin ID:
socialblade
Website:
Employees number:
14
Number of followers:
1,404
NAICS:
513
Industry Type:
Homepage:
socialblade.com
IP Addresses:
0
Company ID:
SOC_5112180
Scan Status:
In-progress
Social Blade LLC Company CyberSecurity Posture
socialblade.com
Social Blade was founded in 2008 originally as a resource for Digg users to track their success on the Social News site, but has expanded to YouTube, Twitter, Twitch and Instagram as well. Now the number one priority of our company is to provide YouTube, Twitch, and Instagram Users with a way to track their channels statistics and compare themselves with others.
Social Blade LLC A.I CyberSecurity Scoring
SBL Risk Score (AI oriented)Between 700 and 749
SBL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SBL Global Score (TPRM)XXXX
SBL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SBL Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
Social Blade LLC
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Social Blade, a popular data analytics tool suffered a data breach incident in December 2022. The hackers were selling the personally identifying information, including email and internet protocol (IP) addresses, hashes used to conceal passwords, client IDs, and authentication tokens for connected accounts on a dark web forum. The individual apparently made use of a vulnerability on their website to gain access to the database. The company immediately worked to investigate the incident and notified the affected individuals.
Social Blade LLC
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Social Blade, an online analytics company based in Raleigh, North Carolina, was hacked that leaked the details of 13,009 forum users and 273,086 website users. The compromised information includes email addresses, usernames, user IDs, password hashes, and IP addresses. The hackers also obtained YouTube, Instagram, and Twitter authentication tokens for thousands of users, along with analytics data. The company investigated the incident and decided to reset all user passwords.
SBL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SBL
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Social Blade LLC in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Social Blade LLC in 2025.
Incident Types SBL vs Technology, Information and Internet Industry Avg (This Year)
No incidents recorded for Social Blade LLC in 2025.
Incident History — SBL (X = Date, Y = Severity)
SBL cyber incidents detection timeline including parent company and subsidiaries
SBL Company Subsidiaries
Social Blade was founded in 2008 originally as a resource for Digg users to track their success on the Social News site, but has expanded to YouTube, Twitter, Twitch and Instagram as well. Now the number one priority of our company is to provide YouTube, Twitch, and Instagram Users with a way to track their channels statistics and compare themselves with others.
Loading...
SBL Similar Companies
NetEase
As a leading internet technology company based in China, NetEase, Inc. (NASDAQ: NTES and HKEX:9999, "NetEase") provides premium online services centered around content creation. With extensive offerings across its expanding gaming ecosystem, NetEase develops and operates some of China's most popula
Mercado Livre Brasil
Fundada em 1999, MercadoLivre é uma companhia de tecnologia líder em comércio eletrônico na América Latina. Por meio de suas principais plataformas MercadoLivre.com e MercadoPago.com, oferece soluções de comércio eletrônico para que pessoas e empresas possam comprar, vender, pagar e anunciar produto
Swiggy is India’s pioneering on-demand convenience platform, catering to millions of consumers each month. Founded in 2014, its mission is to elevate the quality of life for the urban consumer by offering unparalleled convenience. With an extensive footprint in food delivery, Swiggy Food collaborate
Launched in May 2003, Taobao Marketplace (www.taobao.com) is the online shopping destination of choice for Chinese consumers looking for wide selection, value and convenience. Shoppers choose from a wide range of products and services on Taobao Marketplace, which features hundreds of millions of pro
OYO is a global platform that aims to empower entrepreneurs and small businesses with hotels and homes by providing full-stack technology products and services that aims to increase revenue and ease operations; bringing easy-to-book, affordable, and trusted accommodation to customers around the worl
Avnet
Avnet is a global electronic components distributor with extensive design, product, marketing and supply chain expertise for customers and suppliers at every stage of the product lifecycle. For the past 100 years, Avnet has helped its customers and suppliers around the world realize the transformati
Flipkart
At Flipkart, we're driven by our purpose of empowering every Indian's dream by delivering value through innovation in technology and commerce. With a customer base of over 350 million, product coverage of over 150 million across 80+ categories, a focus on generating direct and indirect employment an
At eBay, we create pathways to connect millions of sellers and buyers in more than 190 markets around the world. Our technology empowers our customers, providing everyone the opportunity to grow and thrive — no matter who they are or where they are in the world. And the ripple effect of our work cre
Booking Holdings is the world’s leading provider of online travel & related services, provided to consumers and local partners in more than 220 countries and territories through six primary consumer-facing brands: Booking.com, Priceline, Agoda, Rentalcars.com, KAYAK and OpenTable. Collectively, Book
.png)
SBL CyberSecurity News
December 22, 2025 05:33 AM
Why businesses can no longer treat cybersecurity as an IT problem
For many years, cybersecurity teams prioritised developing impregnable defenses like firewalls, intrusion prevention systems, and antivirus...
December 22, 2025 05:29 AM
AI is creating a security problem most companies aren't staffed to handle, says an AI researcher
Companies may have cybersecurity teams in place, but many still aren't prepared for how AI systems actually fail, says an AI security...
December 22, 2025 05:27 AM
ESMC Welcomes EU Focus on Solar Inverter Cybersecurity, Launches New Industry Forum
The European Solar Manufacturing Council (ESMC) welcomes the EU's Economic Security Doctrine highlighting cybersecurity risks from Chinese...
December 22, 2025 04:45 AM
Cyberport, government and industry unite to build AI-driven cybersecurity shield for Hong Kong
Hong Kong is strengthening its digital defences as government, industry and technology leaders join forces to confront a rapidly evolving...
December 22, 2025 04:13 AM
Navigating A New Era of Aviation Cybersecurity
For its final event of 2025, AAIS co-organised a seminar on “Securing the Skies Ahead: Navigating the New Era of Aviation Cybersecurity” with CyberSafe on...
December 22, 2025 03:25 AM
AI-Driven D3O-IIoT Framework Uses Deep Reinforcement Learning to Enhance Industrial Cybersecurity
Researchers have introduced a new approach to enhance security in the Industrial Internet of Things (IIoT) using artificial...
December 21, 2025 07:01 PM
The Trump Administration Prepares A New Cybersecurity Strategy For 2026
As cybersecurity threats continue to accelerate across nation-states, criminal organizations and global supply chains, the U.S. government...
December 21, 2025 05:00 PM
Acting CISA director failed a polygraph. Career staff are now under investigation.
At least six career staff were placed on leave after DHS opened an investigation into whether they misled the agency's acting director,...
December 21, 2025 01:51 PM
The Trump Administration Preparing New Cybersecurity Strategy For 2026
Public reporting suggests the Trump administration is preparing a national cybersecurity strategy for 2026. Here is what is known so far and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SBL CyberSecurity History Information
Official Website of Social Blade LLC
The official website of Social Blade LLC is http://socialblade.com.
Social Blade LLC’s AI-Generated Cybersecurity Score
According to Rankiteo, Social Blade LLC’s AI-generated cybersecurity score is 714, reflecting their Moderate security posture.
How many security badges does Social Blade LLC’ have ?
According to Rankiteo, Social Blade LLC currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Social Blade LLC have SOC 2 Type 1 certification ?
According to Rankiteo, Social Blade LLC is not certified under SOC 2 Type 1.
Does Social Blade LLC have SOC 2 Type 2 certification ?
According to Rankiteo, Social Blade LLC does not hold a SOC 2 Type 2 certification.
Does Social Blade LLC comply with GDPR ?
According to Rankiteo, Social Blade LLC is not listed as GDPR compliant.
Does Social Blade LLC have PCI DSS certification ?
According to Rankiteo, Social Blade LLC does not currently maintain PCI DSS compliance.
Does Social Blade LLC comply with HIPAA ?
According to Rankiteo, Social Blade LLC is not compliant with HIPAA regulations.
Does Social Blade LLC have ISO 27001 certification ?
According to Rankiteo,Social Blade LLC is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Social Blade LLC
Social Blade LLC operates primarily in the Technology, Information and Internet industry.
Number of Employees at Social Blade LLC
Social Blade LLC employs approximately 14 people worldwide.
Subsidiaries Owned by Social Blade LLC
Social Blade LLC presently has no subsidiaries across any sectors.
Social Blade LLC’s LinkedIn Followers
Social Blade LLC’s official LinkedIn profile has approximately 1,404 followers.
NAICS Classification of Social Blade LLC
Social Blade LLC is classified under the NAICS code 513, which corresponds to Others.
Social Blade LLC’s Presence on Crunchbase
No, Social Blade LLC does not have a profile on Crunchbase.
Social Blade LLC’s Presence on LinkedIn
Yes, Social Blade LLC maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/socialblade.
Cybersecurity Incidents Involving Social Blade LLC
As of December 22, 2025, Rankiteo reports that Social Blade LLC has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Social Blade LLC has an estimated 13,273 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Social Blade LLC ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak and Breach.
How does Social Blade LLC detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with reset all user passwords, and communication strategy with notified affected individuals..
Incident Details
Can you provide details on each incident ?
Title: Social Blade Data Breach
Description: Social Blade, an online analytics company based in Raleigh, North Carolina, was hacked that leaked the details of 13,009 forum users and 273,086 website users. The compromised information includes email addresses, usernames, user IDs, password hashes, and IP addresses. The hackers also obtained YouTube, Instagram, and Twitter authentication tokens for thousands of users, along with analytics data. The company investigated the incident and decided to reset all user passwords.
Type: Data Breach
Title: Social Blade Data Breach
Description: Social Blade, a popular data analytics tool, suffered a data breach incident in December 2022. The hackers were selling personally identifying information, including email and internet protocol (IP) addresses, hashes used to conceal passwords, client IDs, and authentication tokens for connected accounts on a dark web forum. The individual apparently made use of a vulnerability on their website to gain access to the database. The company immediately worked to investigate the incident and notified the affected individuals.
Date Detected: December 2022
Type: Data Breach
Attack Vector: Website Vulnerability
Vulnerability Exploited: Website Vulnerability
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Website Vulnerability.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SOC2111622
Data Compromised: Email addresses, Usernames, User ids, Password hashes, Ip addresses, Youtube authentication tokens, Instagram authentication tokens, Twitter authentication tokens, Analytics data
Incident : Data Breach SOC2225161222
Data Compromised: Email addresses, Ip addresses, Hashes used to conceal passwords, Client ids, Authentication tokens
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email Addresses, Usernames, User Ids, Password Hashes, Ip Addresses, Youtube Authentication Tokens, Instagram Authentication Tokens, Twitter Authentication Tokens, Analytics Data, , Email Addresses, Ip Addresses, Hashes Used To Conceal Passwords, Client Ids, Authentication Tokens and .
Which entities were affected by each incident ?
Incident : Data Breach SOC2111622
Entity Name: Social Blade
Entity Type: Company
Industry: Online Analytics
Location: Raleigh, North Carolina
Customers Affected: 13,009 forum users, 273,086 website users
Incident : Data Breach SOC2225161222
Entity Name: Social Blade
Entity Type: Company
Industry: Data Analytics
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach SOC2111622
Remediation Measures: reset all user passwords
Incident : Data Breach SOC2225161222
Communication Strategy: Notified affected individuals
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SOC2111622
Type of Data Compromised: Email addresses, Usernames, User ids, Password hashes, Ip addresses, Youtube authentication tokens, Instagram authentication tokens, Twitter authentication tokens, Analytics data
Number of Records Exposed: 13,009 forum users, 273,086 website users
Incident : Data Breach SOC2225161222
Type of Data Compromised: Email addresses, Ip addresses, Hashes used to conceal passwords, Client ids, Authentication tokens
Sensitivity of Data: High
Data Exfiltration: Yes
Data Encryption: Hashed passwords
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: reset all user passwords, .
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach SOC2225161222
Investigation Status: Investigation initiated
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified affected individuals.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach SOC2225161222
Entry Point: Website Vulnerability
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach SOC2225161222
Root Causes: Website Vulnerability
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on December 2022.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were email addresses, usernames, user IDs, password hashes, IP addresses, YouTube authentication tokens, Instagram authentication tokens, Twitter authentication tokens, analytics data, , email addresses, IP addresses, hashes used to conceal passwords, client IDs, authentication tokens and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Twitter authentication tokens, email addresses, usernames, analytics data, Instagram authentication tokens, YouTube authentication tokens, hashes used to conceal passwords, user IDs, client IDs, password hashes, authentication tokens and IP addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 286.1K.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigation initiated.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Website Vulnerability.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=socialblade' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
