Co-op
Last Update: 2025-11-27
Between 0 and 549
Owned by you. Right by you.
NAICS: 43
NAICS Definition: Retail Trade
Employees: 20,246
Subsidiaries: 5
12-month incidents
9
Known data breaches
0
Attack type number
2
Comparison Overview
Co-op
VS
Sears
Sears
Last Update: 2025-11-27
Between 750 and 799
Sears is a leading integrated retailer and provider focused on seamlessly connecting the digital and physical shopping experiences to serve our members - wherever, whenever and however they want to shop. We are part of the Transformco family of brands which operates through its subsidiaries, including Sears Home Services and Kmart, with full-line and specialty retail stores across the United States. We are also home to Shop Your Way®, a social shopping platform offering members rewards for shopping at Sears and Kmart as well as with other retail partners. The company is the nation's largest provider of home services, with more than 14 million service and installation calls made annually. For more information, visit https://jobs.sears.com/.
NAICS: 43
NAICS Definition: Retail Trade
Employees: 26,637
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
1
Compliance Badges Comparison
Security & Compliance Standards Overview
Co-op
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Sears
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Co-op
100%
Compliance Rate
0/4 Standards Verified
Sears
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Retail Industry Average (This Year)
Co-op has 2471.43% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Sears in 2025.
Incident History — Co-op (X = Date, Y = Severity)
Co-op cyber incidents detection timeline including parent company and subsidiaries
Incident History — Sears (X = Date, Y = Severity)
Sears cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Co-op
Incidents
Date Detected: 10/2025
Type:Ransomware
Attack Vector: third-party vulnerability, supply chain compromise
Motivation: financial gain, data exfiltration, operational disruption
Blog: Blog
Sears
Incidents
FAQ
Sears company demonstrates a stronger AI Cybersecurity Score compared to Co-op company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Co-op company has faced a higher number of disclosed cyber incidents historically compared to Sears company.
In the current year, Co-op company has reported more cyber incidents than Sears company.
Co-op company has confirmed experiencing a ransomware attack, while Sears company has not reported such incidents publicly.
Neither Sears company nor Co-op company has reported experiencing a data breach publicly.
Both Sears company and Co-op company have reported experiencing targeted cyberattacks.
Neither Co-op company nor Sears company has reported experiencing or disclosing vulnerabilities publicly.
Neither Co-op nor Sears holds any compliance certifications.
Neither company holds any compliance certifications.
Co-op company has more subsidiaries worldwide compared to Sears company.
Sears company employs more people globally than Co-op company, reflecting its scale as a Retail.
Neither Co-op nor Sears holds SOC 2 Type 1 certification.
Neither Co-op nor Sears holds SOC 2 Type 2 certification.
Neither Co-op nor Sears holds ISO 27001 certification.
Neither Co-op nor Sears holds PCI DSS certification.
Neither Co-op nor Sears holds HIPAA certification.
Neither Co-op nor Sears holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
Exposure of credentials in unintended requests in Devolutions Server, Remote Desktop Manager on Windows.This issue affects Devolutions Server: through 2025.3.8.0; Remote Desktop Manager: through 2025.3.23.0.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Description
Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and earlier allow remote attackers to cause denial of service and read adjacent memory via untrusted compressed input.
Risk Information
cvss4
Base: 8.8
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Description
Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0, which fixes the issue.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Description
File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.
Risk Information
cvss3
Base: 6.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
