Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download

Comparison Overview

UCLA HealthUCLA Health
VS
MercyMercy
UCLA Health

UCLA Health

757 Westwood Plaza, Los Angeles, 90095, US

Last Update: 05/04/2026

View Profile
Between 700 and 749
https://uclahealth.org
748/1000Moderate

For more than half a century, UCLA Health has provided the best in healthcare and the latest in medical technology to the people of Los Angeles and throughout the world. Comprised of Ronald Reagan UCLA Medical Center, UCLA Medical Center Santa Monica, Resnick Neuropsyc...

NAICS:62
NAICS Definition:Health Care and Social Assistance
Employees:17,415
Subsidiaries:50
12-month incidents
0
Known data breaches
1
Attack type number
2
Mercy

Mercy

15740 South Outer Forty Road, Chesterfield, 63017 , US

Last Update: 29/03/2026

View Profile
Between 750 and 799
https://www.mercy.net/
790/1000Fair

Mercy, one of the 15 largest U.S. health systems and named the top large system in the U.S. for excellent patient experience by NRC Health, serves millions annually with nationally recognized care and one of the nation’s largest and highest performing Accountable Care O...

NAICS:62
NAICS Definition:Health Care and Social Assistance
Employees:29,559
Subsidiaries:4
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Ranges Comparison

Based On Specific Ai Models Category
UCLA Health

UCLA Health

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA
Mercy

Mercy

-
ISO 27001Not verified
ISO 27001
-
SOC2 Type 1Not verified
SOC2 Type 1
-
SOC2 Type 2Not verified
SOC2 Type 2
-
GDPRNot verified
GDPR
-
PCI DSSNot verified
PCI DSS
-
HIPAANot verified
HIPAA

Benchmark & Cyber Underwriting Signals

Incidents vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for UCLA Health in 2026.

Incidents

Incidents vs Hospitals and Health Care Industry Avg (This Year)

No incidents recorded for Mercy in 2026.

Incidents

Incident History - UCLA Health (X = Date, Y = Severity)

UCLA Health cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Incident History - Mercy (X = Date, Y = Severity)

Mercy cyber incidents detection timeline including parent company and subsidiaries.

No timeline data available
R - Ransomware
C - Cyber Attack
D - Data Breach
V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...
UCLA Health

UCLA Health

Incidents
🔒 Incident : Data Leak
UCL11139223
🔒 Incident : Breach
UCL14320422
Mercy

Mercy

Incidents
No explicit notable incidents reported.

FAQ

Between UCLA Health company and Mercy company, which one has the best AI Cybersecurity Score ?
Between UCLA Health company and Mercy company, which one has experienced more cyber incidents in the past ?
Between UCLA Health company and Mercy company, which one has experienced more cyber incidents this year ?
Between UCLA Health company and Mercy company, which one has experienced at least one ransomware attack ?
Between UCLA Health company and Mercy company, which one has experienced at least one data breach ?
Between UCLA Health company and Mercy company, which one has experienced at least one targeted cyberattack ?
Between UCLA Health company and Mercy company, which one has experienced at least one vulnerability ?
Between UCLA Health company and Mercy company, which one holds the most compliance certifications ?
Between UCLA Health company and Mercy company, which one holds the fewest compliance certifications ?
Between UCLA Health company and Mercy company, which one has the most subsidiaries ?
Between UCLA Health company and Mercy company, which one has the largest number of employees ?
Between UCLA Health and Mercy, which company holds both SOC 2 Type 1 certifications ?
Between UCLA Health and Mercy, which company holds both SOC 2 Type 2 certifications ?
Which company is ISO 27001 certified - UCLA Health or Mercy ?
Which company is PCI DSS compliant - UCLA Health or Mercy ?
Between UCLA Health and Mercy, which company complies with HIPAA regulations for healthcare data ?
Between UCLA Health and Mercy, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-55175
SUMMARY

Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pods when performing Kustomize bakes. This issue is fixed in versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4.

PUBLISHED
Date2026-07-10
UPDATED
Date2026-07-10
RISK INFORMATION (Score: 7.5)
CVSS3
Base Score: 7.5
Complexity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
IMPACT SCORE
5.9
EXPLOITABILITY
1.6
CVE-2026-44383
SUMMARY

Multiple connections to the backend using the same charging station ID are allowed, which could allow an attacker to deploy multiple instances of malicious OCPP clients to overwhelm the backend.

PUBLISHED
Date2026-07-10
UPDATED
Date2026-07-10
RISK INFORMATION (Score: 7.5)
CVSS3
Base Score: 7.5
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS4
Base Score: 8.7
Complexity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
IMPACT SCORE
3.6
EXPLOITABILITY
3.9
CVE-2026-42952
SUMMARY

Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack.

PUBLISHED
Date2026-07-10
UPDATED
Date2026-07-10
RISK INFORMATION (Score: 7.5)
CVSS3
Base Score: 7.5
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS4
Base Score: 8.7
Complexity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
IMPACT SCORE
3.6
EXPLOITABILITY
3.9
CVE-2026-20744
SUMMARY

The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.

PUBLISHED
Date2026-07-10
UPDATED
Date2026-07-10
RISK INFORMATION (Score: 9.8)
CVSS3
Base Score: 9.8
Complexity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS4
Base Score: 9.3
Complexity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
IMPACT SCORE
5.9
EXPLOITABILITY
3.9
CVE-2026-15089
SUMMARY

vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.

PUBLISHED
Date2026-07-10
UPDATED
Date2026-07-10
IMPACT SCORE
NA
EXPLOITABILITY
NA