Thomson Reuters Company Cyber Security Posture
tr.comThomson Reuters is the worldโs leading provider of news and information-based tools to professionals. Our worldwide network of journalists and specialist editors keep customers up to speed on global developments, with a particular focus on legal, regulatory and tax changes. Our customers operate in complex arenas that move society forward โ tax, law, compliance, government, media. In a disruptive digital age, we help professionals reinvent themselves. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges (symbol: TRI).
Thomson Reuters Company Details
thomson-reuters
35141 employees
1799859.0
511
Software Development
tr.com
1415
THO_3467413
In-progress
Thomson Reuters Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Thomson Reuters Global Score.png)
Thomson Reuters Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
Thomson Reuters Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Thomson Reuters | Breach | 100 | 4 | 10/2022 | THO1335281022 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Thomson Reuters provides customers with products such as the business-to-business media tool Reuters Connect, legal research service and database Westlaw, the tax automation system ONESOURCE, online research suite of editorial and source materials Checkpoint, and other tools. The size of the open database the team discovered corresponds with the company using ElasticSearch, a data storage favored by enterprises dealing with extensive, constantly updated volumes of data. Media giant with $6.35 billion in revenue left at least three of its databases open At least 3TB of sensitive data exposed including Thomson Reuters plaintext passwords to third-party servers The data company collects is a treasure trove for threat actors, likely worth millions of dollars on underground criminal forums The company has immediately fixed the issue, and started notifying their customers Thomson Reuters downplayed the issue, saying it affects only a โsmall subset of Thomson Reuters Global Trade customersโ The dataset was open for several days โ malicious bots are capable of discovering instances within mere hours Threat actors could use the leak for attacks, from social engineering attacks to ransomware | |||||||
| Thomson Reuters | Cyber Attack | 60 | 3 | 01/2024 | THO185521124 | Link | |
Rankiteo Explanation : Attack with significant impact with internal employee data leaksDescription: In retaliation for a cyber attack by Russia against the Ukrainian telecom giant Kyivstar, hackers associated with Ukraine's primary intelligence agency have infiltrated the computer systems of a Moscow-based internet provider, Reuters reports. The hackers, allegedly linked to Ukraine's spy agency, erased 20 terabytes of data from M9 Telecom, a relatively small Russian internet and TV provider, resulting in some Moscow residents experiencing internet service disruptions. Despite the hacking group's assertion that the company's website had been destroyed, the extent of the successful breach could not be independently verified by Reuters. | |||||||
Thomson Reuters Company Subsidiaries
Thomson Reuters is the worldโs leading provider of news and information-based tools to professionals. Our worldwide network of journalists and specialist editors keep customers up to speed on global developments, with a particular focus on legal, regulatory and tax changes. Our customers operate in complex arenas that move society forward โ tax, law, compliance, government, media. In a disruptive digital age, we help professionals reinvent themselves. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges (symbol: TRI).
Access Data Using Our API
Get company history
Rapid.png)
Thomson Reuters Cyber Security News
Pioneering security and innovation for a secure future
At Thomson Reuters, our mission has always been to empower professionals and institutions to confidently address the complexities of todayย ...
Thomson Reuters prioritizes data security โ and hereโs how you benefit
We have always focused on developing technology that prioritizes an ethical approach to data security.
Cybersecurity risk management: An overview
With the dangers of cyber threats rising, enterprises and organizations must have a stable plan in place to eliminate or reduce risks.
Types of cybersecurity threats
This term describes threats where the cyber-criminal uses a false identity to access the organization's IT infrastructure, typically for fraudulent purposes.
Cybersecurity awareness month: is your network safe this October?
Cybersecurity Awareness Month is a global initiative designed to raise awareness about the importance of digital security and empowerย ...
Expert insights on payroll data security and tax scams in 2025
Businesses continue to face serious cyber threats that target payroll and tax information. As scams become more common, it is important forย ...
Legal tech education in the age of transformation: Insights ahead of ILTA EVOLVE 2025
GenAI, cybersecurity, and emerging technological standards are no longer peripheral considerations โ they are central to the future of theย ...
AI data security is Critical for professional-grade AI
It should be clear by now that artificial intelligence (AI) is here to stay for professionals in numerous industries. Need evidence?
The cost of data breaches
Discover the true cost of data breaches and emphasize the critical role of identity verification in preventing them.
Thomson Reuters Similar Companies
Microsoft
Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesnโt just encourage curiosity; it
Symantec
Your backstage pass to the most epic cybersecurity solutions on the market for Endpoint, Network, Data and Cloud security. Featuring worldwide (yet local-to-you) partner experts with the chops to deliver enterprise-grade security, whether you're a solo act or a supergroup. Be first in line to experi
Alibaba.com
The first business of Alibaba Group, Alibaba.com (www.alibaba.com) is the leading platform for global wholesale trade serving millions of buyers and suppliers around the world. Through Alibaba.com, small businesses can sell their products to companies in other countries. Sellers on Alibaba.com are t
Tencent
Tencent is a world-leading internet and technology company that develops innovative products and services to improve the quality of life of people around the world. Founded in 1998 with its headquarters in Shenzhen, China, Tencent's guiding principle is to use technology for good. Our communication
Zoho
Zoho offers beautifully smart software to help you grow your business. With over 100 million users worldwide, Zoho's 55+ products aid your sales and marketing, support and collaboration, finance, and recruitment needsโletting you focus only on your business. Zoho respects user privacy and does not h
Juniper Networks
Juniper Networks is leading the revolution in networking, making it one of the most exciting technology companies in Silicon Valley today. Since being founded by Pradeep Sindhu, Dennis Ferguson, and Bjorn Liencres nearly 20 years ago, Juniperโs sole mission has been to create innovative products and
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Thomson Reuters CyberSecurity History Information
How many cyber incidents has Thomson Reuters faced?
Total Incidents: According to Rankiteo, Thomson Reuters has faced 2 incidents in the past.
What types of cybersecurity incidents have occurred at Thomson Reuters?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
How does Thomson Reuters detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with the company has immediately fixed the issue and remediation measures with started notifying their customers and communication strategy with downplayed the issue.
Incident Details
Can you provide details on each incident?
Incident : Data Breach
Title: Cyber Attack on Moscow-based M9 Telecom by Ukrainian Hackers
Description: Hackers associated with Ukraine's primary intelligence agency infiltrated the computer systems of M9 Telecom, a Moscow-based internet provider, in retaliation for a cyber attack by Russia against the Ukrainian telecom giant Kyivstar. The hackers erased 20 terabytes of data, resulting in internet service disruptions for some Moscow residents.
Type: Data Breach
Attack Vector: Unspecified Infiltration
Threat Actor: Hackers associated with Ukraine's primary intelligence agency
Motivation: Retaliation for a cyber attack by Russia against Kyivstar
Incident : Data Exposure
Title: Thomson Reuters Data Exposure
Description: Thomson Reuters left at least three of its databases open, exposing at least 3TB of sensitive data including plaintext passwords to third-party servers.
Type: Data Exposure
Attack Vector: Unsecured Database
Vulnerability Exploited: Unsecured ElasticSearch Database
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident?
Incident : Data Breach THO185521124
Data Compromised: 20 terabytes of data erased
Systems Affected: Internet and TV services
Downtime: Internet service disruptions for some Moscow residents
Incident : Data Exposure THO1335281022
Data Compromised: Sensitive data, Plaintext passwords
Systems Affected: ElasticSearch databases
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Sensitive data and Plaintext passwords.
Which entities were affected by each incident?
Incident : Data Breach THO185521124
Entity Type: Internet and TV Provider
Industry: Telecommunications
Location: Moscow, Russia
Size: Small
Incident : Data Exposure THO1335281022
Entity Type: Corporation
Industry: Media and Information Services
Size: $6.35 billion in revenue
Customers Affected: small subset of Thomson Reuters Global Trade customers
Response to the Incidents
What measures were taken in response to each incident?
Incident : Data Exposure THO1335281022
Containment Measures: The company has immediately fixed the issue
Remediation Measures: Started notifying their customers
Communication Strategy: Downplayed the issue
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Exposure THO1335281022
Type of Data Compromised: Sensitive data, Plaintext passwords
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Started notifying their customers.
How does the company handle incidents involving personally identifiable information (PII)?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by the company has immediately fixed the issue.
References
Where can I find more information about each incident?
Incident : Data Breach THO185521124
Source: Reuters
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Reuters.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through was Downplayed the issue.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident?
Incident : Data Exposure THO1335281022
Customer Advisories: Started notifying their customers
What advisories does the company provide to stakeholders and customers following an incident?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: was Started notifying their customers.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Data Exposure THO1335281022
Reconnaissance Period: several days
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Data Exposure THO1335281022
Root Causes: Unsecured ElasticSearch Database
Corrective Actions: The company has immediately fixed the issue
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: The company has immediately fixed the issue.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident was an Hackers associated with Ukraine's primary intelligence agency.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were 20 terabytes of data erased, Sensitive data and Plaintext passwords.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was Internet and TV services and ElasticSearch databases.
Response to the Incidents
What containment measures were taken in the most recent incident?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was The company has immediately fixed the issue.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 20 terabytes of data erased, Sensitive data and Plaintext passwords.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is Reuters.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued?
Most Recent Customer Advisory: The most recent customer advisory issued was an Started notifying their customers.
Initial Access Broker
What was the most recent reconnaissance period for an incident?
Most Recent Reconnaissance Period: The most recent reconnaissance period for an incident was several days.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
