Sonia Shankman Orthogenic School (The O-School) Company CyberSecurity Posture
oschool.org
Located in Chicago, Illinois, The Sonia Shankman Orthogenic School (the O-School) is a therapeutic residential and day program for children and adolescents in need of support for profound emotional issues or who are on the autism scale. The O-School provides highly refined and individualized care provided by a talented and devoted team of professionals. The O-School uses a milieu treatment therapeutic approach, meaning the support of its students is designed to be all encompassing. All activities/events are seen as therapeutic opportunities, and every aspects of a student's day are given considerable thought, care and attention. Members of a treatment team—including teachers, therapists, counselors and program managers—work cohesively to create a consistent and meaningful experience throughout each day. The O-School is also characterized by the heavy emphasis it places on the therapeutic relationships that develop between a student and his or her treatment team. Milieu staff members are actively involved with the students throughout the day, not simply monitoring or supervising them, but developing bonds and relationships that create a structure in which each child or adolescent can receive emotional support, develop new skills and sustain healthy relationships. Finally, the O-School distinguishes itself by providing a strong academic program that aligns with state and local standards within a therapeutic setting. This academic program is enhanced by a number of extra-curricular activities providing a more traditional school experience and facilitating each child’s transition back to their home school or to college. In order to ensure the highest standards, the School is accredited by a variety of state and independent organizations, including the Council on Accreditation, AdvancEd, the Illinois State Board of Education, the Illinois Department of Children and Family Services, and the Illinois Department of Human Services.
Company Details
sonia-shankman-orthogenic-school-at-the-university-of-chicago
64
659
62133
oschool.org
0
SON_2281324
In-progress
SSOS Risk Score (AI oriented)Between 750 and 799
SSOS Global Score (TPRM)XXXX
No incidents recorded for Sonia Shankman Orthogenic School (The O-School) in 2026.
No incidents recorded for Sonia Shankman Orthogenic School (The O-School) in 2026.
No incidents recorded for Sonia Shankman Orthogenic School (The O-School) in 2026.
SSOS cyber incidents detection timeline including parent company and subsidiaries
Located in Chicago, Illinois, The Sonia Shankman Orthogenic School (the O-School) is a therapeutic residential and day program for children and adolescents in need of support for profound emotional issues or who are on the autism scale. The O-School provides highly refined and individualized care provided by a talented and devoted team of professionals. The O-School uses a milieu treatment therapeutic approach, meaning the support of its students is designed to be all encompassing. All activities/events are seen as therapeutic opportunities, and every aspects of a student's day are given considerable thought, care and attention. Members of a treatment team—including teachers, therapists, counselors and program managers—work cohesively to create a consistent and meaningful experience throughout each day. The O-School is also characterized by the heavy emphasis it places on the therapeutic relationships that develop between a student and his or her treatment team. Milieu staff members are actively involved with the students throughout the day, not simply monitoring or supervising them, but developing bonds and relationships that create a structure in which each child or adolescent can receive emotional support, develop new skills and sustain healthy relationships. Finally, the O-School distinguishes itself by providing a strong academic program that aligns with state and local standards within a therapeutic setting. This academic program is enhanced by a number of extra-curricular activities providing a more traditional school experience and facilitating each child’s transition back to their home school or to college. In order to ensure the highest standards, the School is accredited by a variety of state and independent organizations, including the Council on Accreditation, AdvancEd, the Illinois State Board of Education, the Illinois Department of Children and Family Services, and the Illinois Department of Human Services.
Established in 1988, Arbor Counseling Center is a comprehensive psychotherapy practice that provides the highest quality counseling and consultation services to: Children, Adolescents, Adults, Couples, Families, Community Organizations, Businesses and Schools. We serve clients in the Northwest subur
Thrive Behavioral Health is a dynamic mental health program, offering both innovative off-site therapy and traditional clinic based services. We provide services to adults, children and families throughout the Baltimore-Washington area. Thrive's off-site therapy program is composed of a diverse g
I offer counseling services for individuals, couples and families. I am client centered in my approach. Every person and every situation is different. I value people’s experiences and strengths. I like to build on what it working and evaluate what is not working. We often develop ways of coping with
The Harrisonburg-Rockingham Community Services Board strives to provide excellent services and to partner with each individual to achieve his or her best recovery. We support infants and toddlers, school-aged youth, and adults across their lifespan. Programs are licensed by the Virginia Department o
The Florida Behavioral Health Association (FBHA) is a statewide trade association that represents over 70 community mental health and substance use treatment providers throughout the entire state. FBHA’s members span from Pensacola to Key West, serve over 604,000+ individuals each year, and provide
Founded in 1993, Signature Health is a Federally Qualified Health Center (FQHC) providing mental health, addiction recovery, primary care, infectious disease, pharmacy and lab services to patients of all ages. With 10 outpatient and residential locations in three Northeast Ohio counties (Ashtabula,
QCI Behavioral Health has taken leadership in the direction of flexible, cost-effective community-based service models that help individuals with mental disorders lead productive lives in the community. QCI’s task is to respond creatively to the growing impact of managed care on community-based h
The Sanar Institute is dedicated to healing individuals and communities impacted by trauma. Sanar works globally to address the impacts of traumatic events with a specific focus on all forms of human trafficking and interpersonal violence through both direct service provision and capacity strengtheni
The Growth Opportunity Center (GOC), founded in 1974 as a non-profit organization, provides quality and compassionate mental health services to adolescents, adults, and families throughout the Bucks, Montgomery, and Philadelphia regions. Our mission is to transform life's challenges into opportuniti
.png)
Explore top Chicagoland schools offering strong academics, unique programs, and supportive environments for every learner.
After an intense week of day-long courses on how to build their own food truck business, high school students from across the Chicagoland...
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Sonia Shankman Orthogenic School (The O-School) is http://www.oschool.org.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School)’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) is not certified under SOC 2 Type 1.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) is not listed as GDPR compliant.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) does not currently maintain PCI DSS compliance.
According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) is not compliant with HIPAA regulations.
According to Rankiteo,Sonia Shankman Orthogenic School (The O-School) is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Sonia Shankman Orthogenic School (The O-School) operates primarily in the Mental Health Care industry.
Sonia Shankman Orthogenic School (The O-School) employs approximately 64 people worldwide.
Sonia Shankman Orthogenic School (The O-School) presently has no subsidiaries across any sectors.
Sonia Shankman Orthogenic School (The O-School)’s official LinkedIn profile has approximately 659 followers.
Sonia Shankman Orthogenic School (The O-School) is classified under the NAICS code 62133, which corresponds to Offices of Mental Health Practitioners (except Physicians).
No, Sonia Shankman Orthogenic School (The O-School) does not have a profile on Crunchbase.
Yes, Sonia Shankman Orthogenic School (The O-School) maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sonia-shankman-orthogenic-school-at-the-university-of-chicago.
As of January 22, 2026, Rankiteo reports that Sonia Shankman Orthogenic School (The O-School) has not experienced any cybersecurity incidents.
Sonia Shankman Orthogenic School (The O-School) has an estimated 5,277 peer or competitor companies worldwide.
Total Incidents: According to Rankiteo, Sonia Shankman Orthogenic School (The O-School) has faced 0 incidents in the past.
Incident Types: The types of cybersecurity incidents that have occurred include .
.png)
Backstage is an open framework for building developer portals, and @backstage/backend-defaults provides the default implementations and setup for a standard Backstage backend app. Prior to versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0, the `FetchUrlReader` component, used by the catalog and other plugins to fetch content from URLs, followed HTTP redirects automatically. This allowed an attacker who controls a host listed in `backend.reading.allow` to redirect requests to internal or sensitive URLs that are not on the allowlist, bypassing the URL allowlist security control. This is a Server-Side Request Forgery (SSRF) vulnerability that could allow access to internal resources, but it does not allow attackers to include additional request headers. This vulnerability is fixed in `@backstage/backend-defaults` version 0.12.2, 0.13.2, 0.14.1, and 0.15.0. Users should upgrade to this version or later. Some workarounds are available. Restrict `backend.reading.allow` to only trusted hosts that you control and that do not issue redirects, ensure allowed hosts do not have open redirect vulnerabilities, and/or use network-level controls to block access from Backstage to sensitive internal endpoints.
Backstage is an open framework for building developer portals, and @backstage/cli-common provides config loading functionality used by the backend and command line interface of Backstage. Prior to version 0.1.17, the `resolveSafeChildPath` utility function in `@backstage/backend-plugin-api`, which is used to prevent path traversal attacks, failed to properly validate symlink chains and dangling symlinks. An attacker could bypass the path validation via symlink chains (creating `link1 → link2 → /outside` where intermediate symlinks eventually resolve outside the allowed directory) and dangling symlinks (creating symlinks pointing to non-existent paths outside the base directory, which would later be created during file operations). This function is used by Scaffolder actions and other backend components to ensure file operations stay within designated directories. This vulnerability is fixed in `@backstage/backend-plugin-api` version 0.1.17. Users should upgrade to this version or later. Some workarounds are available. Run Backstage in a containerized environment with limited filesystem access and/or restrict template creation to trusted users.
Backstage is an open framework for building developer portals. Multiple Scaffolder actions and archive extraction utilities were vulnerable to symlink-based path traversal attacks. An attacker with access to create and execute Scaffolder templates could exploit symlinks to read arbitrary files via the `debug:log` action by creating a symlink pointing to sensitive files (e.g., `/etc/passwd`, configuration files, secrets); delete arbitrary files via the `fs:delete` action by creating symlinks pointing outside the workspace, and write files outside the workspace via archive extraction (tar/zip) containing malicious symlinks. This affects any Backstage deployment where users can create or execute Scaffolder templates. This vulnerability is fixed in `@backstage/backend-defaults` versions 0.12.2, 0.13.2, 0.14.1, and 0.15.0; `@backstage/plugin-scaffolder-backend` versions 2.2.2, 3.0.2, and 3.1.1; and `@backstage/plugin-scaffolder-node` versions 0.11.2 and 0.12.3. Users should upgrade to these versions or later. Some workarounds are available. Follow the recommendation in the Backstage Threat Model to limit access to creating and updating templates, restrict who can create and execute Scaffolder templates using the permissions framework, audit existing templates for symlink usage, and/or run Backstage in a containerized environment with limited filesystem access.
FastAPI Api Key provides a backend-agnostic library that provides an API key system. Version 1.1.0 has a timing side-channel vulnerability in verify_key(). The method applied a random delay only on verification failures, allowing an attacker to statistically distinguish valid from invalid API keys by measuring response latencies. With enough repeated requests, an adversary could infer whether a key_id corresponds to a valid key, potentially accelerating brute-force or enumeration attacks. All users relying on verify_key() for API key authentication prior to the fix are affected. Users should upgrade to version 1.1.0 to receive a patch. The patch applies a uniform random delay (min_delay to max_delay) to all responses regardless of outcome, eliminating the timing correlation. Some workarounds are available. Add an application-level fixed delay or random jitter to all authentication responses (success and failure) before the fix is applied and/or use rate limiting to reduce the feasibility of statistical timing attacks.
The Flux Operator is a Kubernetes CRD controller that manages the lifecycle of CNCF Flux CD and the ControlPlane enterprise distribution. Starting in version 0.36.0 and prior to version 0.40.0, a privilege escalation vulnerability exists in the Flux Operator Web UI authentication code that allows an attacker to bypass Kubernetes RBAC impersonation and execute API requests with the operator's service account privileges. In order to be vulnerable, cluster admins must configure the Flux Operator with an OIDC provider that issues tokens lacking the expected claims (e.g., `email`, `groups`), or configure custom CEL expressions that can evaluate to empty values. After OIDC token claims are processed through CEL expressions, there is no validation that the resulting `username` and `groups` values are non-empty. When both values are empty, the Kubernetes client-go library does not add impersonation headers to API requests, causing them to be executed with the flux-operator service account's credentials instead of the authenticated user's limited permissions. This can result in privilege escalation, data exposure, and/or information disclosure. Version 0.40.0 patches the issue.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid