UBS
Company Details
Linkedin ID:
ubs
Website:
Employees number:
118,118
Number of followers:
1,880,643
NAICS:
52
Industry Type:
Homepage:
ubs.com
IP Addresses:
362
Company ID:
UBS_2194882
Scan Status:
Completed
UBS Company CyberSecurity Posture
ubs.com
From gaining new experiences in different roles to acquiring fresh knowledge and skills – at UBS we believe that you should never stop growing and learning because life never stops teaching. We know that it's our people – with their unique backgrounds, skills, experience levels and interests – who drive our ongoing success. Ready to be part of #teamUBS and make an impact? Find out more at ubs.com/careers. UBS works with individuals, families, institutions, and corporations around the world to help answer some of life's questions – whether through award winning wealth management advisory, investment banking and asset management expertise, or private and corporate banking services in Switzerland*. In June 2023, Credit Suisse became a UBS Group company. With our large and diverse team operating internationally, we have a presence in all major financial centers in more than 50 countries. Although we all come from different backgrounds and specializations, two things unite us: the conviction that we’re stronger together, and the will and curiosity to constantly innovate. That’s the key to us unlocking our full potential (and what we look for in everyone who joins us). It’s also why we’re regularly recognized as an attractive employer.* * Our awards https://www.ubs.com/awards Social Media Legal Terms: http://www.ubs.com/social-legal
UBS A.I CyberSecurity Scoring
UBS Risk Score (AI oriented)Between 750 and 799
UBS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UBS Global Score (TPRM)XXXX
UBS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UBS Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
UBS
Ransomware
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Global banking giant UBS has suffered a data breach following a cyber-attack on a third-party supplier. Information about 130,000 UBS employees, including their business contact details, job roles, locations, and floor information, was published on the dark web by a ransomware group called World Leaks. The breach did not impact customer data or operations, but the direct phone number of UBS CEO Sergio Ermotti was included in the published data.
UBS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UBS
Incidents vs Financial Services Industry Average (This Year)
UBS has 31.58% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
UBS has 53.85% more incidents than the average of all companies with at least one recorded incident.
Incident Types UBS vs Financial Services Industry Avg (This Year)
UBS reported 1 incidents this year: 0 cyber attacks, 1 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — UBS (X = Date, Y = Severity)
UBS cyber incidents detection timeline including parent company and subsidiaries
UBS Company Subsidiaries
From gaining new experiences in different roles to acquiring fresh knowledge and skills – at UBS we believe that you should never stop growing and learning because life never stops teaching. We know that it's our people – with their unique backgrounds, skills, experience levels and interests – who drive our ongoing success. Ready to be part of #teamUBS and make an impact? Find out more at ubs.com/careers. UBS works with individuals, families, institutions, and corporations around the world to help answer some of life's questions – whether through award winning wealth management advisory, investment banking and asset management expertise, or private and corporate banking services in Switzerland*. In June 2023, Credit Suisse became a UBS Group company. With our large and diverse team operating internationally, we have a presence in all major financial centers in more than 50 countries. Although we all come from different backgrounds and specializations, two things unite us: the conviction that we’re stronger together, and the will and curiosity to constantly innovate. That’s the key to us unlocking our full potential (and what we look for in everyone who joins us). It’s also why we’re regularly recognized as an attractive employer.* * Our awards https://www.ubs.com/awards Social Media Legal Terms: http://www.ubs.com/social-legal
Loading...
UBS Similar Companies
The Allianz Group is one of the world's leading insurers and asset managers with more than 100 million private and corporate customers in nearly 70 countries. We are proud to be the Worldwide Insurance Partner of the Olympic & Paralympic Movements from 2021 until 2032 and to be recognized as one of
Aditya Birla Capital Ltd is a financial services company based out of One World Center, Tower 1, 18th Floor, Jupiter Mills Compound, 841, Senapati Bapat Marg, Elphinstone Road, MUMBAI, India. - Aditya Birla Capital is committed to provide equal opportunity to all in employment and prohibits discrim
Principal Financial Group
Principal Financial Group® is dedicated to improving the wealth and well-being of people and businesses around the world—helping more than 62M customers plan, protect, invest, and retire as of December 31, 2023. Along the way, we commit to supporting the communities where we do business. Improving o
Edward Jones is a leading North American financial services firm in the U.S. and through its affiliate in Canada. The firm’s more than 20,000 financial advisors throughout North America serve more than 9 million clients with a total of $2.2 trillion in client assets under care as of December 31, 202
Lincoln Financial
Lincoln Financial (NYSE: LNC) helps people to confidently plan for their version of a successful future. We focus on identifying a clear path to financial security, with products including annuities, investments, life insurance, group protection, and retirement plan services. With our 120-year trac
Barclays
Barclays is a British universal bank. Our vision is to be the UK-centred leader in global finance. We are a diversified bank with comprehensive UK consumer, corporate and wealth and private banking franchises, a leading investment bank and a strong, specialist US consumer bank. Through these five di
Citi's mission is to serve as a trusted partner to our clients by responsibly providing financial services that enable growth and economic progress. Our core activities are safeguarding assets, lending money, making payments and accessing the capital markets on behalf of our clients. We have over 20
Charles Schwab
Charles Schwab is a different kind of investment services firm – one that strives to disrupt the status quo of the traditional Wall Street approach on behalf of our clients. We believe today, as we did on Day 1, that when you find ways to improve the investing experience for your clients, then busin
Transamerica
Longer lifespans are changing the way we exist. Instead of the traditional stages of learn, work, and retire, we now have the potential for a more fulfilling, multi-stage life. With this opportunity comes the need to plan for it. We enable financial professionals, brokers, agents, advisors, and empl
.png)
UBS CyberSecurity News
December 04, 2025 10:32 PM
UBS Stock News Today, Dec 4: ATM Heist in Gland Sparks Security Concerns
On December 4, a daring ATM heist at a UBS branch in Gland shook the Swiss banking community, highlighting potential vulnerabilities in...
December 04, 2025 11:08 AM
UBS Billionaire Ambitions Report 2025: The rise of a new generation
Dubai/United Arab Emirates – UBS, the leading and truly global wealth manager, today announced the publication of the 11th UBS Billionaire...
November 18, 2025 08:00 AM
Cyber Security: an investment opportunity | UBS Switzerland
Invest in the future of cybersecurity. Seize the opportunity to participate in the growth potential of the international cybersecurity industry.
November 18, 2025 08:00 AM
UBS GWM appoints Borja Martinez-Laredo to head Abu Dhabi office
UBS Global Wealth Management (GWM) Middle East has appointed Borja Martinez-Laredo as Location Head of its newly launched Abu Dhabi office,...
November 14, 2025 04:52 PM
UBS spotlights 30 disrupters for the next decade
UBS has unveiled a curated list of 30 companies it believes are best positioned to thrive over the coming decade, emphasizing that the next wave of market...
November 10, 2025 08:00 AM
UBS sets S&P 500's 2026 year-end target at 7,500 on AI-driven rally
Wall Street's artificial intelligence-driven rally will extend into 2026, UBS Global Research said on Monday, as the brokerage set the S&P...
November 03, 2025 02:25 PM
Cisco Systems upgraded to Buy due to role in AI infrastructure: UBS
Cisco Systems (CSCO) was upgraded to Buy from Neutral by UBS due to its critical role in the buildout of artificial intelligence infrastructure.
November 03, 2025 08:00 AM
UBS faces OECD scrutiny over human rights risks in passive investments
Investigative body cautions Swiss lender after complaint over its holdings in two US private prisons.
October 23, 2025 07:00 AM
China moves to boost AI oversight with focus on safety, data protection
China's Cybersecurity Law: China's proposed AI law aims to boost research, improve ethics, strengthen risk checks and enhance safety...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UBS CyberSecurity History Information
Official Website of UBS
The official website of UBS is http://www.ubs.com/about.
UBS’s AI-Generated Cybersecurity Score
According to Rankiteo, UBS’s AI-generated cybersecurity score is 759, reflecting their Fair security posture.
How many security badges does UBS’ have ?
According to Rankiteo, UBS currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does UBS have SOC 2 Type 1 certification ?
According to Rankiteo, UBS is not certified under SOC 2 Type 1.
Does UBS have SOC 2 Type 2 certification ?
According to Rankiteo, UBS does not hold a SOC 2 Type 2 certification.
Does UBS comply with GDPR ?
According to Rankiteo, UBS is not listed as GDPR compliant.
Does UBS have PCI DSS certification ?
According to Rankiteo, UBS does not currently maintain PCI DSS compliance.
Does UBS comply with HIPAA ?
According to Rankiteo, UBS is not compliant with HIPAA regulations.
Does UBS have ISO 27001 certification ?
According to Rankiteo,UBS is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of UBS
UBS operates primarily in the Financial Services industry.
Number of Employees at UBS
UBS employs approximately 118,118 people worldwide.
Subsidiaries Owned by UBS
UBS presently has no subsidiaries across any sectors.
UBS’s LinkedIn Followers
UBS’s official LinkedIn profile has approximately 1,880,643 followers.
NAICS Classification of UBS
UBS is classified under the NAICS code 52, which corresponds to Finance and Insurance.
UBS’s Presence on Crunchbase
Yes, UBS has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/ubs.
UBS’s Presence on LinkedIn
Yes, UBS maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ubs.
Cybersecurity Incidents Involving UBS
As of December 10, 2025, Rankiteo reports that UBS has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
UBS has an estimated 30,311 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at UBS ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does UBS detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with strengthened security of relevant systems..
Incident Details
Can you provide details on each incident ?
Title: UBS Data Breach via Third-Party Supplier
Description: Global banking giant UBS has suffered a data breach following a cyber-attack on a third-party supplier, Chain IQ. Information about 130,000 UBS employees was published on the dark web by a ransomware group called World Leaks. The data included business contact details, job roles, and locations. UBS confirmed that no client data was affected.
Date Detected: 2023-06-12
Date Publicly Disclosed: 2023-06-12
Type: Data Breach
Attack Vector: Third-party supplier compromise
Threat Actor: World Leaks (Hunters International)
Motivation: Data exfiltration and potential ransom demand
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach UBS604061925
Data Compromised: Business contact details, Job roles, Locations
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Business Contact Details, Job Roles, Locations and .
Which entities were affected by each incident ?
Incident : Data Breach UBS604061925
Entity Name: UBS
Entity Type: Bank
Industry: Financial Services
Location: Switzerland
Incident : Data Breach UBS604061925
Entity Name: Pictet
Entity Type: Bank
Industry: Financial Services
Location: Switzerland
Incident : Data Breach UBS604061925
Entity Name: Chain IQ
Entity Type: Procurement Service Provider
Industry: Services
Location: Switzerland
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach UBS604061925
Containment Measures: Strengthened security of relevant systems
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach UBS604061925
Type of Data Compromised: Business contact details, Job roles, Locations
Number of Records Exposed: 130000
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by strengthened security of relevant systems and .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach UBS604061925
Data Exfiltration: True
References
Where can I find more information about each incident ?
Incident : Data Breach UBS604061925
Source: Infosecurity
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Infosecurity.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach UBS604061925
Investigation Status: Ongoing
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an World Leaks (Hunters International).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2023-06-12.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-06-12.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Business contact details, Job roles, Locations and .
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Strengthened security of relevant systems.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Business contact details, Job roles and Locations.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 130.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Infosecurity.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=ubs' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
