SSN Holdings
Company Details
Linkedin ID:
ssn-holdings
Website:
Employees number:
3
Number of followers:
9
NAICS:
5411
Industry Type:
Homepage:
http://www.casemakerlegal.com
IP Addresses:
0
Company ID:
SSN_5664656
Scan Status:
In-progress
SSN Holdings Company CyberSecurity Posture
http://www.casemakerlegal.com
Casemaker is in partnership with your State Bar, and 27 other state bars, whose mission is to provide you with the highest level of primary legal research and knowledge discovery. Because of the combined strength of the consortium's aggregated members and customized data, the Casemaker Consortium is working to expand the depth and breadth of content and services in order to meet your full knowledge discovery needs. Strategic partnerships, such as treatises from the ABA, are expanding your ability to search publications and journals with just one click.
SSN Holdings A.I CyberSecurity Scoring
SSN Holdings Risk Score (AI oriented)Between 700 and 749
SSN Holdings
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
SSN Holdings Global Score (TPRM)XXXX
SSN Holdings
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
SSN Holdings Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Casemaker, LLC
Breach
Rankiteo Explanation
Attack without any consequences
Description: On March 1, 2021, the Maine Attorney General reported a data breach involving Casemaker, LLC and Lawriter, LLC. The breach, which occurred between July 15, 2020, and October 31, 2020, involved unauthorized access to the Casemaker Libra platform, potentially affecting 6,898 individuals, including 13 residents of Virginia. Personal information such as names, addresses, email addresses, and passwords may have been compromised.
SSN Holdings Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for SSN Holdings
Incidents vs Legal Services Industry Average (This Year)
No incidents recorded for SSN Holdings in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for SSN Holdings in 2025.
Incident Types SSN Holdings vs Legal Services Industry Avg (This Year)
No incidents recorded for SSN Holdings in 2025.
Incident History — SSN Holdings (X = Date, Y = Severity)
SSN Holdings cyber incidents detection timeline including parent company and subsidiaries
SSN Holdings Company Subsidiaries
Casemaker is in partnership with your State Bar, and 27 other state bars, whose mission is to provide you with the highest level of primary legal research and knowledge discovery. Because of the combined strength of the consortium's aggregated members and customized data, the Casemaker Consortium is working to expand the depth and breadth of content and services in order to meet your full knowledge discovery needs. Strategic partnerships, such as treatises from the ABA, are expanding your ability to search publications and journals with just one click.
Loading...
SSN Holdings Similar Companies
Cardozo Arts & Entertainment Law Journal
Since 1982, the Cardozo Arts & Entertainment Law Journal (AELJ) has been a leader in national and international legal scholarship. When the Journal was founded, President Ronald Reagan wrote: "I know that the Journal will display the same devotion to excellence to which Justice Cardozo was, and Yesh
Michael B. Allen Law Group, Inc.
Whatever the legal issue, the law firm you choose to advise or protect your interests is important. At Michael B. Allen Law Group, Inc., in San Mateo, California, we offer clients with concerns involving construction law or real estate law an ideal blend of experience, integrity, close personal atte
Nolo
Today, over 76% of consumers start their search for legal information or an attorney online.[i] Yet, with all of the resources available, the law can still be hard to understand and intimidating. We strive to make the law accessible to everyone—to help people find answers to everyday legal and busin
Illinois Bar Foundation
Over fifty years ago, a handful of visionary leaders founded the Illinois Bar Foundation. Their initial commitment was to provide aid to deserving members of the Illinois Bar who, because of age or infirmity, could no longer provide for their own care or support. Since then, the Foundation has expan
Pinney Talfourd Solicitors
Pinney Talfourd Solicitors is a leading Legal 500 law firm with office in Essex and London. We offer a first-class service to both individuals and businesses and have been doing so for over 100 years. We have offices in Brentwood, Chelmsford, Hornchurch and Upminster, alongside office facilities i
Leopard Solutions
Leopard Solutions, a SurePoint Company, is a leading legal market intelligence provider that offers unparalleled benchmarking insights and intelligence for the legal community seeking to build an analytical understanding for better business and recruiting strategies. Our diverse data solutions cater
.png)
SSN Holdings CyberSecurity News
October 17, 2025 07:00 AM
Cl0p Ransomware Group Claims American Airlines Breach
Cl0p ransomware operators claim to have breached American Airlines, signaling a growing cyber threat to global transportation systems.
June 04, 2025 07:00 AM
Take It From a Cybersecurity Expert — 'Frankenstein Fraud' Is One Monster You Want to Avoid
Criminals are stitching together stolen bits of information to create identities. Here's how to prevent it from happening to you.
March 08, 2025 05:06 AM
National Public Data breach publishes private data of 2.9B U.S. citizens
A cyber criminal group called USDoD has posted a database containing the private data of 2.9 billion US citizens, including full names, social security numbers...
February 10, 2025 08:00 AM
Is DOGE a cybersecurity threat? A security expert explains the dangers of violating protocols and regulations that protect government computer systems
Richard Forno explains the dangers of DOGE violating security protocols that protect government computer systems.
February 02, 2025 08:00 AM
Exclusive: Musk aides lock workers out of OPM computer systems
Aides to Elon Musk charged with running the US government human resources agency have locked career civil servants out of computer systems.
January 23, 2025 08:00 AM
PayPal fined by New York for cybersecurity failures
PayPal will pay a $2 million civil fine over cybersecurity failures that led to the exposure of customers' Social Security numbers in late...
September 09, 2024 07:00 AM
Huge data breach involving social security numbers could impact millions of Americans
Over 270 million Americans may have had their social security number leaked on the dark web. The latest breach involved National Public Data...
August 21, 2024 07:00 AM
One of the Millions Impacted in the USDoD Social Security Data Breach? Here’s What to Do Next.
Millions of individuals could be at the mercy of cybercriminals after a hacking group launched a large-scale data breach impacting 2.9...
August 16, 2024 07:00 AM
Hackers Just Leaked a Bunch of Social Security Numbers. Here's What To Know
A group of hackers known as "USDoD" posted to a hacking forum claims that they had access to over 2.9 billion records stolen from a background checking company.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
SSN Holdings CyberSecurity History Information
Official Website of SSN Holdings
The official website of SSN Holdings is http://www.casemakerlegal.com.
SSN Holdings’s AI-Generated Cybersecurity Score
According to Rankiteo, SSN Holdings’s AI-generated cybersecurity score is 735, reflecting their Moderate security posture.
How many security badges does SSN Holdings’ have ?
According to Rankiteo, SSN Holdings currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does SSN Holdings have SOC 2 Type 1 certification ?
According to Rankiteo, SSN Holdings is not certified under SOC 2 Type 1.
Does SSN Holdings have SOC 2 Type 2 certification ?
According to Rankiteo, SSN Holdings does not hold a SOC 2 Type 2 certification.
Does SSN Holdings comply with GDPR ?
According to Rankiteo, SSN Holdings is not listed as GDPR compliant.
Does SSN Holdings have PCI DSS certification ?
According to Rankiteo, SSN Holdings does not currently maintain PCI DSS compliance.
Does SSN Holdings comply with HIPAA ?
According to Rankiteo, SSN Holdings is not compliant with HIPAA regulations.
Does SSN Holdings have ISO 27001 certification ?
According to Rankiteo,SSN Holdings is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of SSN Holdings
SSN Holdings operates primarily in the Legal Services industry.
Number of Employees at SSN Holdings
SSN Holdings employs approximately 3 people worldwide.
Subsidiaries Owned by SSN Holdings
SSN Holdings presently has no subsidiaries across any sectors.
SSN Holdings’s LinkedIn Followers
SSN Holdings’s official LinkedIn profile has approximately 9 followers.
NAICS Classification of SSN Holdings
SSN Holdings is classified under the NAICS code 5411, which corresponds to Legal Services.
SSN Holdings’s Presence on Crunchbase
No, SSN Holdings does not have a profile on Crunchbase.
SSN Holdings’s Presence on LinkedIn
Yes, SSN Holdings maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ssn-holdings.
Cybersecurity Incidents Involving SSN Holdings
As of November 30, 2025, Rankiteo reports that SSN Holdings has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
SSN Holdings has an estimated 7,389 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at SSN Holdings ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at Casemaker, LLC and Lawriter, LLC
Description: Unauthorized access to the Casemaker Libra platform potentially affecting 6,898 individuals, including 13 residents of Virginia. Personal information such as names, addresses, email addresses, and passwords may have been compromised.
Date Detected: 2021-03-01
Date Publicly Disclosed: 2021-03-01
Type: Data Breach
Attack Vector: Unauthorized Access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SSN526072525
Data Compromised: Names, Addresses, Email addresses, Passwords
Systems Affected: Casemaker Libra platform
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Email Addresses, Passwords and .
Which entities were affected by each incident ?
Incident : Data Breach SSN526072525
Entity Name: Casemaker, LLC
Entity Type: Company
Industry: Legal Technology
Customers Affected: 6898
Incident : Data Breach SSN526072525
Entity Name: Lawriter, LLC
Entity Type: Company
Industry: Legal Technology
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SSN526072525
Type of Data Compromised: Names, Addresses, Email addresses, Passwords
Number of Records Exposed: 6898
Personally Identifiable Information: namesaddressesemail addresses
References
Where can I find more information about each incident ?
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Attorney GeneralDate Accessed: 2021-03-01.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2021-03-01.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-03-01.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, email addresses, passwords and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Casemaker Libra platform.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, passwords, email addresses and addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 697.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was determined in motogadget mo.lock Ignition Lock up to 20251125. Affected by this vulnerability is an unknown functionality of the component NFC Handler. Executing manipulation can lead to use of hard-coded cryptographic key . The physical device can be targeted for the attack. A high complexity level is associated with this attack. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 1.2
Severity: HIGH
AV:L/AC:H/Au:N/C:P/I:N/A:N
cvss3
Base: 2.0
Severity: HIGH
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 1.0
Severity: HIGH
CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the interview attachment retrieval endpoint in the Recruitment module serves files based solely on an authenticated session and user-supplied identifiers, without verifying whether the requester has permission to access the associated interview record. Because the server does not perform any recruitment-level authorization checks, an ESS-level user with no access to recruitment workflows can directly request interview attachment URLs and receive the corresponding files. This exposes confidential interview documents—including candidate CVs, evaluations, and supporting files—to unauthorized users. The issue arises from relying on predictable object identifiers and session presence rather than validating the user’s association with the relevant recruitment process. This issue has been patched in version 5.8.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application’s recruitment attachment retrieval endpoint does not enforce the required authorization checks before serving candidate files. Even users restricted to ESS-level access, who have no permission to view the Recruitment module, can directly access candidate attachment URLs. When an authenticated request is made to the attachment endpoint, the system validates the session but does not confirm that the requesting user has the necessary recruitment permissions. As a result, any authenticated user can download CVs and other uploaded documents for arbitrary candidates by issuing direct requests to the attachment endpoint, leading to unauthorized exposure of sensitive applicant data. This issue has been patched in version 5.8.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the application does not invalidate existing sessions when a user is disabled or when a password change occurs, allowing active session cookies to remain valid indefinitely. As a result, a disabled user, or an attacker using a compromised account, can continue to access protected pages and perform operations as long as a prior session remains active. Because the server performs no session revocation or session-store cleanup during these critical state changes, disabling an account or updating credentials has no effect on already-established sessions. This makes administrative disable actions ineffective and allows unauthorized users to retain full access even after an account is closed or a password is reset, exposing the system to prolonged unauthorized use and significantly increasing the impact of account takeover scenarios. This issue has been patched in version 5.8.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
OrangeHRM is a comprehensive human resource management (HRM) system. From version 5.0 to 5.7, the password reset workflow does not enforce that the username submitted in the final reset request matches the account for which the reset process was originally initiated. After obtaining a valid reset link for any account they can receive email for, an attacker can alter the username parameter in the final reset request to target a different user. Because the system accepts the supplied username without verification, the attacker can set a new password for any chosen account, including privileged accounts, resulting in full account takeover. This issue has been patched in version 5.8.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=ssn-holdings' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
