Tumblr
Company Details
Linkedin ID:
tumblr
Website:
Employees number:
1,942
Number of followers:
51,245
NAICS:
513
Industry Type:
Homepage:
tumblr.com
IP Addresses:
0
Company ID:
TUM_1898220
Scan Status:
In-progress
Tumblr Company CyberSecurity Posture
tumblr.com
People come to Tumblr to expand their perspectives. They join a community and a cultural dialogue that exposes them up to new ideas, new passions, and new forms of self-expression. People seem to really like this thing we’ve built, and we need smart, humble, funny people to keep it running and growing. We’re big enough to give you the resources you need and still small enough that you can work on things that matter. Come work with us.
Tumblr A.I CyberSecurity Scoring
Tumblr Risk Score (AI oriented)Between 750 and 799
Tumblr
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Tumblr Global Score (TPRM)XXXX
Tumblr
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Tumblr Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Tumblr
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: In early 2013, Tumblr suffered a data breach that resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.
Tumblr Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Tumblr
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Tumblr in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Tumblr in 2025.
Incident Types Tumblr vs Technology, Information and Internet Industry Avg (This Year)
No incidents recorded for Tumblr in 2025.
Incident History — Tumblr (X = Date, Y = Severity)
Tumblr cyber incidents detection timeline including parent company and subsidiaries
Tumblr Company Subsidiaries
People come to Tumblr to expand their perspectives. They join a community and a cultural dialogue that exposes them up to new ideas, new passions, and new forms of self-expression. People seem to really like this thing we’ve built, and we need smart, humble, funny people to keep it running and growing. We’re big enough to give you the resources you need and still small enough that you can work on things that matter. Come work with us.
Loading...
Tumblr Similar Companies
At eBay, we create pathways to connect millions of sellers and buyers in more than 190 markets around the world. Our technology empowers our customers, providing everyone the opportunity to grow and thrive — no matter who they are or where they are in the world. And the ripple effect of our work cre
Sohu.com Inc. (NASDAQ: SOHU) is China's premier online brand and indispensable to the daily life of millions of Chinese, providing a network of web properties and community based/web 2.0 products which offer the vast Sohu user community a broad array of choices regarding information, entertainment a
Times Internet
At Times Internet, we create premium digital products that simplify and enhance the lives of millions. As India’s largest digital products company, we have a significant presence across a wide range of categories, including News, Sports, Fintech, and Enterprise solutions. Our portfolio features mar
Independiente / Freelance
La etimología de la palabra deriva del término medieval inglés usado para un mercenario (free-independiente o lance-lanza), es decir, un caballero que no servía a ningún señor en concreto y cuyos servicios podían ser alquilados por cualquiera. El término fue acuñado inicialmente por Sir Walter Scot
Jumia (NYSE :JMIA) is a leading e-commerce platform in Africa. It is built around a marketplace, Jumia Logistics, and JumiaPay. The marketplace helps millions of consumers and sellers to connect and transact. Jumia Logistics enables the delivery of millions of packages through our network of local p
Peraton
Do the can't be done. At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure. How do we do it? By thi
OYO is a global platform that aims to empower entrepreneurs and small businesses with hotels and homes by providing full-stack technology products and services that aims to increase revenue and ease operations; bringing easy-to-book, affordable, and trusted accommodation to customers around the worl
Primary School
www.primaryschool.com.au is a directory of sites for students and lesson plans and reference material for teachers and parents. It is currently averaging up to 350,000 unique visitors a month and has over 44,000 subscribers to its free weekly newsletter which showcases the latest internet based reso
Cimpress plc (Nasdaq: CMPR) invests in and builds customer-focused, entrepreneurial, mass-customization businesses for the long term. Mass customization is a competitive strategy which seeks to produce goods and services to meet individual customer needs with near mass production efficiency. Cimpr
.png)
Tumblr CyberSecurity News
July 20, 2025 07:00 AM
AI in Cybersecurity: How AI is Changing Threat Defense
Discover how AI in cybersecurity enhances threat detection, prevents attacks, and transforms digital defense strategies in 2025.
February 11, 2025 08:00 AM
Tech-Focused Childhood Led Alum to Cybersecurity Career
Marina Polachek, '17, G'19, works in operational technology and industrial control systems for Accenture Federal Services.
September 19, 2024 07:00 AM
Cybersecurity and Leadership: iSchool Grad’s Path to Protecting the Digital World
Emily Harrington '21 aims to lead in cybersecurity. From sports to national security, her journey shows a deep passion for protecting people and a commitment...
July 24, 2024 07:00 AM
Indian Firm Linked to Fake DMCA Notices Silencing Journalists
Is critical journalism under attack? A recent exposé reveals a disturbing trend: Companies, in this case, an Indian firm, using fake DMCA...
April 17, 2023 07:00 AM
Australia needs a cybersecurity overhaul—not whack-a-mole bans on apps like TikTok
Australia has joined other countries in announcing a ban on the use of TikTok on government devices, with some states and territories following suit.
February 24, 2022 08:00 AM
Tumblr rolls out an ad-free subscription for $4.99 per month
Tumblr announced today that it's rolling out an ad-free browsing experience for web and mobile. On a monthly basis, you'll have to pay $4.99...
May 04, 2020 07:00 AM
Tumblr Will Now Remove All Reblogs of Posts That Violate Its Hate Speech Policy
Tumblr says it's specifically targeting speech from Nazis and other white supremacist groups, which it says still be amplified on its...
March 12, 2020 07:00 AM
Cybersecurity:
Common social networking pro le and content removal requests links: Apple: http://bit.ly/abuse-apple. Facebook: http://bit.ly/abuse-facebook.
April 23, 2019 07:00 AM
Tumblr – finally – enables HTTPS for all accounts
Better late than never, Tumblr has rolled out HTTPS across its entire site. In a brief post on Tumblr's engineering page, the company said...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Tumblr CyberSecurity History Information
Official Website of Tumblr
The official website of Tumblr is http://www.tumblr.com.
Tumblr’s AI-Generated Cybersecurity Score
According to Rankiteo, Tumblr’s AI-generated cybersecurity score is 770, reflecting their Fair security posture.
How many security badges does Tumblr’ have ?
According to Rankiteo, Tumblr currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Tumblr have SOC 2 Type 1 certification ?
According to Rankiteo, Tumblr is not certified under SOC 2 Type 1.
Does Tumblr have SOC 2 Type 2 certification ?
According to Rankiteo, Tumblr does not hold a SOC 2 Type 2 certification.
Does Tumblr comply with GDPR ?
According to Rankiteo, Tumblr is not listed as GDPR compliant.
Does Tumblr have PCI DSS certification ?
According to Rankiteo, Tumblr does not currently maintain PCI DSS compliance.
Does Tumblr comply with HIPAA ?
According to Rankiteo, Tumblr is not compliant with HIPAA regulations.
Does Tumblr have ISO 27001 certification ?
According to Rankiteo,Tumblr is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Tumblr
Tumblr operates primarily in the Technology, Information and Internet industry.
Number of Employees at Tumblr
Tumblr employs approximately 1,942 people worldwide.
Subsidiaries Owned by Tumblr
Tumblr presently has no subsidiaries across any sectors.
Tumblr’s LinkedIn Followers
Tumblr’s official LinkedIn profile has approximately 51,245 followers.
NAICS Classification of Tumblr
Tumblr is classified under the NAICS code 513, which corresponds to Others.
Tumblr’s Presence on Crunchbase
Yes, Tumblr has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/tumblr.
Tumblr’s Presence on LinkedIn
Yes, Tumblr maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/tumblr.
Cybersecurity Incidents Involving Tumblr
As of December 13, 2025, Rankiteo reports that Tumblr has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Tumblr has an estimated 13,136 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Tumblr ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Incident Details
Can you provide details on each incident ?
Title: Tumblr Data Breach
Description: In early 2013, Tumblr suffered a data breach that resulted in the exposure of over 65 million accounts. The data was later put up for sale on a dark market website and included email addresses and passwords stored as salted SHA1 hashes.
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach TUM114441222
Data Compromised: Email addresses, Passwords
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email Addresses, Passwords and .
Which entities were affected by each incident ?
Incident : Data Breach TUM114441222
Entity Name: Tumblr
Entity Type: Company
Industry: Social Media
Customers Affected: 65 million
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach TUM114441222
Type of Data Compromised: Email addresses, Passwords
Number of Records Exposed: 65 million
Data Encryption: salted SHA1 hashes
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were email addresses, passwords and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were passwords and email addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 65.0M.
.png)
Latest Global CVEs (Not Company-Specific)
Description
PCSX2 is a free and open-source PlayStation 2 (PS2) emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory. Because the offset and size is controlled through MG header fields, a specially crafted ELF can read data beyond the bounds of mg_buffer and have it reflected back into emulated memory. This issue is fixed in version 2.5.378.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via crafted compressed input. With certain crafted compressed inputs, elements from the output buffer can end up in the uncompressed output, potentially leaking sensitive data. This is relevant for applications that reuse the same output buffer to uncompress multiple inputs. This can be the case of a web server that allocates a fix-sized buffer for performance purposes. There is similar vulnerability in GHSA-cmp6-m4wj-q63q. This issue is fixed in version 3.4.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has been published and may be used.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=tumblr' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
