Comparison Overview

TGW Company

VS

The Hershey Company

TGW Company

10750 Hi Tech Dr, Whitmore Lake, Michigan, 48189, US
Last Update: 2025-03-09 (UTC)
Between 900 and 1000
http://tgwcompany.com/

Excellent

TGW Company is a top Amazon seller & eCommerce consultancy. Established in 2016, TGW was birthed to provide our own brands with accurate representation, and maximize online revenue. Two years later we are honored to be recognized on the 2018 Inc 5000 list of fastest growing companies in America! (https://www.inc.com/profile/tgw-company) Before we began selling on Amazon ourselves, we had a large network of dealers listing our products while we focused on the brick & mortar side of the business. Invariably, we experienced issues surrounding price protection and consistency required for quality product listings on Amazon. Over time we worked to establish our own Fulfillment by Amazon (FBA) professional seller account. Since opening our Amazon business our products have grown to over 10 million through our FBA.

NAICS: 339
NAICS Definition:
Employees: 8
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0

The Hershey Company

19 E Chocolate Ave, Hershey, Pennsylvania, 17033, US
Last Update: 2025-05-06 (UTC)

Excellent

Between 900 and 1000
https://www.thehersheycompany.com/

The Hershey Company is headquartered in Hershey, Pa., and is an industry-leading snacks company known for bringing goodness to the world through its iconic brands, remarkable people and enduring commitment to help children succeed. Hershey has approximately 17,000 employees around the world who work every day to deliver delicious, quality products. The company has more than 90 brands around the world that drive more than $8 billion in annual revenues, including such iconic brand names as Hershey's, Reese's, Kit Katยฎ, Jolly Rancher, Ice Breakers, SkinnyPop, and Pirate's Booty. For more than 125 years, Hershey has been committed to operating fairly, ethically and sustainably. Hershey founder, Milton Hershey, created the Milton Hershey School in 1909 and since then the company has focused on helping children succeed.

NAICS: 30
NAICS Definition: Manufacturing
Employees: 10,512
Subsidiaries: 2
12-month incidents
0
Known data breaches
1
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/tgw-company.jpeg
TGW Company
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
https://images.rankiteo.com/companyimages/the-hershey-company.jpeg
The Hershey Company
โ€”
ISO 27001
Not verified
โ€”
SOC 2
Not verified
โ€”
GDPR
No public badge
โ€”
PCI DSS
No public badge
Compliance Summary
TGW Company
100%
Compliance Rate
0/4 Standards Verified
The Hershey Company
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Manufacturing Industry Average (This Year)

No incidents recorded for TGW Company in 2025.

Incidents vs Manufacturing Industry Average (This Year)

No incidents recorded for The Hershey Company in 2025.

Incident History โ€” TGW Company (X = Date, Y = Severity)

TGW Company cyber incidents detection timeline including parent company and subsidiaries

Incident History โ€” The Hershey Company (X = Date, Y = Severity)

The Hershey Company cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/tgw-company.jpeg
TGW Company
Incidents

No Incident

https://images.rankiteo.com/companyimages/the-hershey-company.jpeg
The Hershey Company
Incidents

Date Detected: 9/2023
Type:Breach
Attack Vector: Unauthorized Access to Email Accounts
Blog: Blog

FAQ

Both TGW Company company and The Hershey Company company demonstrate a comparable AI risk posture, with strong governance and monitoring frameworks in place.

The Hershey Company company has historically faced a number of disclosed cyber incidents, whereas TGW Company company has not reported any.

In the current year, The Hershey Company company and TGW Company company have not reported any cyber incidents.

Neither The Hershey Company company nor TGW Company company has reported experiencing a ransomware attack publicly.

The Hershey Company company has disclosed at least one data breach, while TGW Company company has not reported such incidents publicly.

Neither The Hershey Company company nor TGW Company company has reported experiencing targeted cyberattacks publicly.

Neither TGW Company company nor The Hershey Company company has reported experiencing or disclosing vulnerabilities publicly.

The Hershey Company company has more subsidiaries worldwide compared to TGW Company company.

The Hershey Company company employs more people globally than TGW Company company, reflecting its scale as a Manufacturing.

Latest Global CVEs (Not Company-Specific)

Description

Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.4.3.15 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 update 15 through update 92 allow remote attackers to inject arbitrary web script or HTML via crafted payload injected into a Terms and Condition's Name text field to (1) Payment Terms, or (2) the Delivery Term on the view order page.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be exploited.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss2
Base: 1.7
Severity: LOW
AV:L/AC:L/Au:S/C:N/I:N/A:P
cvss3
Base: 3.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Cross-site scripting (XSS) vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a Commerce Product's Name text field.

Published
Date
2025-10-07
Updated
Date
2025-10-07
Risk Information
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References