Steelcase
Company Details
Linkedin ID:
steelcase
Website:
Employees number:
8,708
Number of followers:
319,458
NAICS:
337
Industry Type:
Homepage:
steelcase.com
IP Addresses:
0
Company ID:
STE_2021355
Scan Status:
In-progress
Steelcase Company CyberSecurity Posture
steelcase.com
Work, at its best, is the wonder of what human beings can make possible. At Steelcase, we help people do their best work by creating places that work better. For over a century, we have designed, manufactured and partnered with the world’s leading organizations to create an expansive range of furnishings and solutions for all the places where work happens — including learning, health and working from home. We are driven to deeply understand the changing realities of work that our customers face. Through human-centered research and critical design-thinking, we uncover insights that lead us to innovation and breakthrough design. Our solutions come to life through talented design professionals and our Steelcase dealer community, who provide local expertise and tailored experiences with the global power of Steelcase. And because we recognize that we must do our best work for the places we all share, we stand together for people and the planet — using our business as a force for good to help the world work better.
Steelcase A.I CyberSecurity Scoring
Steelcase Risk Score (AI oriented)Between 700 and 749
Steelcase
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Steelcase Global Score (TPRM)XXXX
Steelcase
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Steelcase Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Steelcase
Ransomware
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Office furniture giant Steelcase suffered a ransomware attack that forced them to shut down their network to contain the attack's spread. The Ryuk Ransomware threat actors utilized either the BazarLoader or TrickBot infections to compromise its network. However, the company soon engaged in restoring the affected systems and returning to normal levels of operation.
Steelcase Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Steelcase
Incidents vs Furniture and Home Furnishings Manufacturing Industry Average (This Year)
No incidents recorded for Steelcase in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Steelcase in 2025.
Incident Types Steelcase vs Furniture and Home Furnishings Manufacturing Industry Avg (This Year)
No incidents recorded for Steelcase in 2025.
Incident History — Steelcase (X = Date, Y = Severity)
Steelcase cyber incidents detection timeline including parent company and subsidiaries
Steelcase Company Subsidiaries
Work, at its best, is the wonder of what human beings can make possible. At Steelcase, we help people do their best work by creating places that work better. For over a century, we have designed, manufactured and partnered with the world’s leading organizations to create an expansive range of furnishings and solutions for all the places where work happens — including learning, health and working from home. We are driven to deeply understand the changing realities of work that our customers face. Through human-centered research and critical design-thinking, we uncover insights that lead us to innovation and breakthrough design. Our solutions come to life through talented design professionals and our Steelcase dealer community, who provide local expertise and tailored experiences with the global power of Steelcase. And because we recognize that we must do our best work for the places we all share, we stand together for people and the planet — using our business as a force for good to help the world work better.
Loading...
Steelcase Similar Companies
Home Zone Furniture
Home Zone Furniture is a family-owned furniture manufacturer and retailer based in the Dallas/Fort Worth area. Founded by Bree Barber, mother of four, Home Zone strives to bring customers furniture with style for everyone that anyone can afford. Bree saw an opportunity in the furniture industry to d
Hardwood Artisans
Welcome to Hardwood Artisans, where craftsmanship meets creativity in the heart of Culpeper County, Virginia. About Us: At Hardwood Artisans, we take pride in transforming premium hardwoods into timeless pieces of furniture that enhance your living spaces. With a passion for craftsmanship and an un
Home At Last, Inc
Home At Last, Inc is an upscale furniture and home accessory consignment store. Located only 1-1/2 miles off of Interstate 85 at the Pelham Road exit. HOME AT LAST is not a thrift store, flea market, or garage sale! Home at Last utilizes an excellent location for our showroom to display and sell
Ivan Smith Furniture
Founded in 1961, by Ivan Smith, Sr., Ivan Smith Furniture is a third-generation, family-owned business headquartered in Shreveport, Louisiana. Ivan Smith Furniture employs over 700 people and operates 48 stores in Arkansas, Louisiana, and Texas, of which 5 are Ashley Home Stores. A cornersto
Dekker Zevenhuizen
Dekker Zevenhuizen is een familiebedrijf en al jarenlang toonaangevend in de Nederlandse woonmarkt. Ons bedrijf is verregaand gespecialiseerd in het bewerken van hoogwaardige materialen tot maatwerkbladen voor het hele interieur. U herkent de bladen aan de exclusieve kleuren en de strakke afwerking.
The Telcar Group
Telcar is best described as a well established, financially sound group of wholly owned and aligned companies with a specific objective in mind; provide well managed, seamless and a controlled portfolio of professional and competitive contract furnishings and support services. Delivering quality pro
.png)
Steelcase CyberSecurity News
May 28, 2025 07:00 AM
Scott McKee Obituary - Byron Center, MI
Celebrate the life of Scott McKee, leave a kind word or memory and get funeral service information care of Cook Funeral Home & Cremation...
April 20, 2025 07:00 AM
Steelcase Karman High Back Review: Adaptable frame, now with a headrest
Steelcase's Karman High Back is the high-backed version of its popular, lightweight task chair that we loved, and it's just as good...
October 08, 2024 02:02 AM
World"s Largest Office Furniture Maker Hit with Ryuk Ransomware
The ransomware gang behind the recent attack on Sopra Steria is making new headlines this week, this time for an attack on the world”s top office furniture...
March 20, 2024 07:00 AM
Steelcase Karman Review: Surprisingly Adaptable
Steelcase's Karman is a comfortable mesh task chair with a weight-activated frame that moves with your body and adapts to your posture.
July 04, 2023 09:09 AM
Logitech and Steelcase Reveal Project Ghost for More Personal Communications
The News: On Day 1 of Integrated Systems Europe (ISE) 2023, Logitech, in partnership with Steelcase, revealed their new video conferencing device code-named...
May 23, 2023 07:00 AM
Auto supplier Gentex hit by ransomware attack
Zeeland-based automotive supplier Gentex Corp. suffered cyberattack several months ago, joining the growing ranks of manufacturers...
March 28, 2023 07:00 AM
5 Web Application Firewall Case Studies
Web Application Firewalls strengthen the security performance of websites. Data breaches are expensive and can do irreversible damage to...
November 12, 2020 08:00 AM
Steelcase furniture giant down for 2 weeks after ransomware attack
Office furniture giant Steelcase says that no information was stolen during a Ryuk ransomware attack that forced them to shut down global operations for...
November 12, 2020 08:00 AM
Furniture maker Steelcase shut down for two weeks following ransomware attack
A recent ransomware attack targeting furniture maker Steelcase Inc. caused the company to shut down operations for two weeks, according to...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Steelcase CyberSecurity History Information
Official Website of Steelcase
The official website of Steelcase is https://www.steelcase.com.
Steelcase’s AI-Generated Cybersecurity Score
According to Rankiteo, Steelcase’s AI-generated cybersecurity score is 733, reflecting their Moderate security posture.
How many security badges does Steelcase’ have ?
According to Rankiteo, Steelcase currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Steelcase have SOC 2 Type 1 certification ?
According to Rankiteo, Steelcase is not certified under SOC 2 Type 1.
Does Steelcase have SOC 2 Type 2 certification ?
According to Rankiteo, Steelcase does not hold a SOC 2 Type 2 certification.
Does Steelcase comply with GDPR ?
According to Rankiteo, Steelcase is not listed as GDPR compliant.
Does Steelcase have PCI DSS certification ?
According to Rankiteo, Steelcase does not currently maintain PCI DSS compliance.
Does Steelcase comply with HIPAA ?
According to Rankiteo, Steelcase is not compliant with HIPAA regulations.
Does Steelcase have ISO 27001 certification ?
According to Rankiteo,Steelcase is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Steelcase
Steelcase operates primarily in the Furniture and Home Furnishings Manufacturing industry.
Number of Employees at Steelcase
Steelcase employs approximately 8,708 people worldwide.
Subsidiaries Owned by Steelcase
Steelcase presently has no subsidiaries across any sectors.
Steelcase’s LinkedIn Followers
Steelcase’s official LinkedIn profile has approximately 319,458 followers.
NAICS Classification of Steelcase
Steelcase is classified under the NAICS code 337, which corresponds to Furniture and Related Product Manufacturing.
Steelcase’s Presence on Crunchbase
No, Steelcase does not have a profile on Crunchbase.
Steelcase’s Presence on LinkedIn
Yes, Steelcase maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/steelcase.
Cybersecurity Incidents Involving Steelcase
As of November 28, 2025, Rankiteo reports that Steelcase has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Steelcase has an estimated 2,617 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Steelcase ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Steelcase detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with network shutdown, and remediation measures with restoring affected systems..
Incident Details
Can you provide details on each incident ?
Title: Steelcase Ransomware Attack
Description: Office furniture giant Steelcase suffered a ransomware attack that forced them to shut down their network to contain the attack's spread. The Ryuk Ransomware threat actors utilized either the BazarLoader or TrickBot infections to compromise its network. However, the company soon engaged in restoring the affected systems and returning to normal levels of operation.
Type: Ransomware
Attack Vector: BazarLoaderTrickBot
Threat Actor: Ryuk Ransomware
Motivation: Financial
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
Which entities were affected by each incident ?
Incident : Ransomware STE215191122
Entity Name: Steelcase
Entity Type: Corporation
Industry: Office Furniture
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware STE215191122
Containment Measures: Network shutdown
Remediation Measures: Restoring affected systems
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Restoring affected systems.
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by network shutdown.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware STE215191122
Ransomware Strain: Ryuk
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Ryuk Ransomware.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Network shutdown.
.png)
Latest Global CVEs (Not Company-Specific)
Description
ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description
Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.
Description
Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=steelcase' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
