Vodafone
Company Details
Linkedin ID:
vodafone
Website:
Employees number:
132,162
Number of followers:
2,452,316
NAICS:
517
Industry Type:
Homepage:
vodafone.com
IP Addresses:
346
Company ID:
VOD_1764368
Scan Status:
Completed
Vodafone Company CyberSecurity Posture
vodafone.com
At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live, we protect the planet and help our customers do the same. But we’re not just shaping the future of technology for our customers – we’re shaping the future for everyone who joins our team too. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable, more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities and support to help you belong and make a real impact. #TogetherWeCan
Vodafone A.I CyberSecurity Scoring
Vodafone Risk Score (AI oriented)Between 650 and 699
Vodafone
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Vodafone Global Score (TPRM)XXXX
Vodafone
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Vodafone Company CyberSecurity News & History
Past Incidents
7
Attack Types
4
Vodafone
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: Vodafone claims that hackers attempted to access consumers' accounts by using the emails and passwords they had taken from an unidentified source. At that moment, the business started a thorough investigation to get all the information needed to provide the best guidance possible to any impacted clients. The telecoms provider claims that 1,827 customer accounts were hacked by the crooks, who obtained the last four digits of the consumers' bank accounts, their names, and their mobile phone numbers. Although credit or debit card numbers or other information were not acquired, it is crucial to remember that information that is accessible by thieves may be utilized for fraudulent purposes.
Vodafone
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Vodafone realised they suffered a data breach after one of its customers recieved the personal details of 18 other Vodafone customers. The details included name, address and phone numbers for 18 customer accounts along with her e-bill. The company investigated the incident and found out that the issue was a result of an isolated technical glitch which they fixed afterwards.
Vodafone
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Vodafone realised they suffered a data breach after that cybercriminals have broken into a sales partner and copied sensitive data. There has been a cyber issue at Vodafone's partner Vertriebswerk in which critical data leaked; this is not a phishing email; many Vodafone customers are currently receiving emails requesting them to set a new password. Name, birthday, email address, mobile phone number, address, bank information (IBAN/BIC), and customer password are all impacted, according to Vodafone in the email that is available online. Vodafone promptly reported the occurrence to the Federal Commissioner for Data Protection and Freedom of Information.
Vodafone
Breach
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: Vodafone Italia suffered a data breach incident after one of its commercial partners, FourB S.p.A., which operates as a reseller of telecommunications services in the country, suffered a cyberattack. The cyberattack took place in the first week of September and resulted in the compromise of sensitive subscriber details. The exposed information includes subscription details, identity documents with sensitive data, and contact details. Even KelvinSecurity offered to sell a collection of 295,000 files totalling 310 GB of data they allegedly stole from Vodafone Italia and advertised the cache on messaging platforms and at least one hacker forum.
Vodafone
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: The customer data services of Vodafone Portugal went down recently in several areas as it was targeted in a malicious cyberattack. The 3G network was fixed in the entire county while services like 4G and 5G mobile networks, fixed voice, television, SMS, and voice/digital answering services are still offline. The company is investigating the largest cybersecurity incident with the help of local and international cyber security teams.
Vodafone
Data Leak
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: An intruder hacked into a Vodafone Group Plc (VOD) server in Germany and gained access to 2 million customers’ personal details and banking information. A person stole data including names, addresses, birth dates, and bank account information. However, the hacker had no access to credit card information, passwords, PIN numbers or mobile-phone numbers.
Vodafone
Ransomware
Rankiteo Explanation
Attack limited on finance or reputation
Description: Vodafone's online sales of "Callya" prepaid cards were impacted by the purported ransomware attack on the IT service company Materna. The Vodafone website stopped selling the SIM cards, just after Materna had given the business permission to launch a "professionally elaborated cyber attack. Both businesses emphasise that there hasn't been any determination of a consumer data leak. "Restrictions on online sales and online registration of Callya products" should be lifted soon, according to Vodafone. Until then, there would be other ways to make the reservation. Many clients' systems were also impacted by the Materna security breach. There were Materna-operated check-in machine outages at several German airports. Workers were "equipped with newly installed or completely newly configured systems," which had never been linked to the impacted infrastructure.
Vodafone Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Vodafone
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Vodafone in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Vodafone in 2025.
Incident Types Vodafone vs Telecommunications Industry Avg (This Year)
No incidents recorded for Vodafone in 2025.
Incident History — Vodafone (X = Date, Y = Severity)
Vodafone cyber incidents detection timeline including parent company and subsidiaries
Vodafone Company Subsidiaries
At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live, we protect the planet and help our customers do the same. But we’re not just shaping the future of technology for our customers – we’re shaping the future for everyone who joins our team too. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable, more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities and support to help you belong and make a real impact. #TogetherWeCan
Loading...
Vodafone Similar Companies
Charter Communications, Inc. (NASDAQ: CHTR) is a leading broadband connectivity company and cable operator with services available to more than 57 million homes and businesses in 41 states through its Spectrum brand. Over an advanced communications network, the company offers a full range of state-o
ZTE Corporation
ZTE connects the world with continuous innovation for a better future. The company provides innovative technologies and integrated solutions, and its portfolio spans communication networks, computing infrastructure, industry digital solutions, and personal and home smart terminals. Serving one t
We believe it’s people who give purpose to our technology. So we’re committed to staying close to our customers and providing them the best experience. And delivering the best tech. On the best network. Because our purpose is to build a connected future so everyone can thrive. We build techno
airtel
Airtel was founded to provide global connectivity and unlock endless opportunities. Our organization embodies a unique blend of energy, innovation, creativity, dedication, scale, and ownership, all aimed at being limitless. At Airtel, we strive to go beyond our duties to create impactful solutions f
Ericsson
The future of mobile isn’t on the horizon, it’s happening now. At Ericsson, we’re building the foundation for an open network ecosystem where industries, developers, and enterprises thrive. The convergence of 5G, AI, cloud, and network APIs isn’t just a technological shift; it’s a transformation th
Our 15 000 talented colleagues serve millions of customers every day in one of the world’s most connected regions. With a strong connectivity base, we’re the hub in the digital ecosystem, empowering people, companies and societies to stay in touch with everything that matters 24/7/365 - on their ter
ACN
ACN is the leading direct selling telecommunications and essential services provider. ACN Inc. was founded in 1993 by four entrepreneurs and is now operating in North America. ACN offers essential products and services that people use every day, while also offering a powerful business ownership oppo
Jazz
Pakistan’s number one digital operator and the largest internet and broadband service provider with over 70 million subscribers nationwide. With a legacy of more than 27 years, Jazz maintains market leadership through cutting-edge, integrated technology, the strongest brands and the largest portfoli
Reliance Communications
Reliance Communications Limited, founded by the late Shri Dhirubhai H Ambani (1932-2002), has Corporate clientele that includes 40,000 Indian and multinational corporations, including small and medium enterprises. Reliance Communications has established a pan-India, Next-Generation, digital network
.png)
Vodafone CyberSecurity News
November 04, 2025 03:30 AM
Vodafone To Buy Skaylink For €175 Million To Bolster Cloud, Security, and AI Capabilities
Vodafone Group Plc announced that it has entered into a binding agreement to acquire 100% of Skaylink GmbH for €175 million.
October 20, 2025 07:00 AM
Zero Trust: The Security Mindset UK Businesses Must Embrace
Vodafone Business explains why Zero Trust has emerged as the essential security paradigm for organisations navigating today's borderless...
October 14, 2025 07:00 AM
UK faces surge in nationally significant cyber attacks
Britain sees sharp surge in major cyber attacks targeting key sectors, prompting national security and defence warnings.
October 10, 2025 02:34 PM
Vodafone Germany fined €45m over GDPR and security failings
Vodafone's struggling German business took yet another setback this week after it received two fines worth €45 million over cybersecurity failings.
October 09, 2025 03:26 PM
Vodafone data: UK SMEs lose £3.4bn to cyber attacks
Vodafone data: UK SMEs lose £3.4bn to cyber attacks ... Small and medium sized businesses (SMEs) across the UK are collectively losing £3.4 billion each year due...
September 30, 2025 07:00 AM
It’s cybersecurity awareness month: Make Security Make Sense
October is Cybersecurity Awareness Month, and at Vodafone Business, we want to help make security make sense for everyone, especially small and...
September 24, 2025 07:00 AM
Reliance Jio Opposed Including Telecom Service Misuse in Cybersecurity Rules, RTI Reveals
RTI reveals Reliance Jio opposed including telecom service misuse in India's cybersecurity rules, citing limits on SOC responsibilities.
September 09, 2025 07:00 AM
Telefónica cuts the ribbon on Granada AI, cybersecurity hub
Operator opens second Talent and Technology Center, which Group COO Emilio Gayo said is aimed at attracting and retaining local talent while...
August 01, 2025 07:00 AM
Draft telecom cybersecurity rules face pushback from digital firms over scope, costs
Executives from PB Fintech are slotted first in the schedule, and are expected to meet Department of Telecommunications officials to discuss...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Vodafone CyberSecurity History Information
Official Website of Vodafone
The official website of Vodafone is http://www.vodafone.com/.
Vodafone’s AI-Generated Cybersecurity Score
According to Rankiteo, Vodafone’s AI-generated cybersecurity score is 663, reflecting their Weak security posture.
How many security badges does Vodafone’ have ?
According to Rankiteo, Vodafone currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Vodafone have SOC 2 Type 1 certification ?
According to Rankiteo, Vodafone is not certified under SOC 2 Type 1.
Does Vodafone have SOC 2 Type 2 certification ?
According to Rankiteo, Vodafone does not hold a SOC 2 Type 2 certification.
Does Vodafone comply with GDPR ?
According to Rankiteo, Vodafone is not listed as GDPR compliant.
Does Vodafone have PCI DSS certification ?
According to Rankiteo, Vodafone does not currently maintain PCI DSS compliance.
Does Vodafone comply with HIPAA ?
According to Rankiteo, Vodafone is not compliant with HIPAA regulations.
Does Vodafone have ISO 27001 certification ?
According to Rankiteo,Vodafone is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Vodafone
Vodafone operates primarily in the Telecommunications industry.
Number of Employees at Vodafone
Vodafone employs approximately 132,162 people worldwide.
Subsidiaries Owned by Vodafone
Vodafone presently has no subsidiaries across any sectors.
Vodafone’s LinkedIn Followers
Vodafone’s official LinkedIn profile has approximately 2,452,316 followers.
NAICS Classification of Vodafone
Vodafone is classified under the NAICS code 517, which corresponds to Telecommunications.
Vodafone’s Presence on Crunchbase
No, Vodafone does not have a profile on Crunchbase.
Vodafone’s Presence on LinkedIn
Yes, Vodafone maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/vodafone.
Cybersecurity Incidents Involving Vodafone
As of November 27, 2025, Rankiteo reports that Vodafone has experienced 7 cybersecurity incidents.
Number of Peer and Competitor Companies
Vodafone has an estimated 9,536 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Vodafone ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Breach, Cyber Attack and Ransomware.
How does Vodafone detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with local and international cyber security teams, and remediation measures with technical glitch fixed, and communication strategy with notified customers via email to reset their passwords, and communication strategy with informing affected customers and providing guidance, and remediation measures with newly installed or completely newly configured systems for workers, and communication strategy with vodafone's statement about lifting restrictions soon..
Incident Details
Can you provide details on each incident ?
Title: Vodafone Portugal Cyberattack
Description: The customer data services of Vodafone Portugal went down recently in several areas as it was targeted in a malicious cyberattack. The 3G network was fixed in the entire county while services like 4G and 5G mobile networks, fixed voice, television, SMS, and voice/digital answering services are still offline. The company is investigating the largest cybersecurity incident with the help of local and international cyber security teams.
Type: Cyberattack
Title: Vodafone Data Breach
Description: Vodafone suffered a data breach when a customer received the personal details of 18 other Vodafone customers due to a technical glitch.
Type: Data Breach
Vulnerability Exploited: Technical Glitch
Title: Vodafone Italia Data Breach Incident
Description: Vodafone Italia suffered a data breach incident after one of its commercial partners, FourB S.p.A., which operates as a reseller of telecommunications services in the country, suffered a cyberattack.
Type: Data Breach
Threat Actor: FourB S.p.A.Even KelvinSecurity
Title: Vodafone Data Breach
Description: An intruder hacked into a Vodafone Group Plc (VOD) server in Germany and gained access to 2 million customers’ personal details and banking information.
Type: Data Breach
Attack Vector: Server Hack
Threat Actor: Unknown
Title: Vodafone Data Breach via Vertriebswerk
Description: Vodafone experienced a data breach after cybercriminals infiltrated a sales partner, Vertriebswerk, and copied sensitive data. The breach involved the leakage of critical customer information, prompting Vodafone to notify affected customers and request password resets.
Type: Data Breach
Attack Vector: Data Breach
Threat Actor: Cybercriminals
Motivation: Unauthorized Access to Sensitive Data
Title: Vodafone Data Breach
Description: Hackers attempted to access consumers' accounts by using the emails and passwords they had taken from an unidentified source. The telecoms provider claims that 1,827 customer accounts were hacked by the crooks, who obtained the last four digits of the consumers' bank accounts, their names, and their mobile phone numbers. Although credit or debit card numbers or other information were not acquired, it is crucial to remember that information that is accessible by thieves may be utilized for fraudulent purposes.
Type: Data Breach
Attack Vector: Stolen Credentials
Threat Actor: Unknown Hackers
Motivation: Data Theft
Title: Ransomware Attack on Materna Affects Vodafone and German Airports
Description: Vodafone's online sales of 'Callya' prepaid cards were impacted by the purported ransomware attack on the IT service company Materna. The Vodafone website stopped selling the SIM cards, just after Materna had given the business permission to launch a 'professionally elaborated cyber attack.' Both businesses emphasise that there hasn't been any determination of a consumer data leak. 'Restrictions on online sales and online registration of Callya products' should be lifted soon, according to Vodafone. Until then, there would be other ways to make the reservation. Many clients' systems were also impacted by the Materna security breach. There were Materna-operated check-in machine outages at several German airports. Workers were 'equipped with newly installed or completely newly configured systems,' which had never been linked to the impacted infrastructure.
Type: Ransomware Attack
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Sales Partner (Vertriebswerk) and Stolen Credentials.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyberattack VOD153310222
Systems Affected: 4G and 5G mobile networksfixed voicetelevisionSMSvoice/digital answering services
Incident : Data Breach VOD205123422
Data Compromised: Personal details including name, address, and phone numbers
Incident : Data Breach VOD202921222
Data Compromised: Subscription details, Identity documents with sensitive data, Contact details
Incident : Data Breach VOD231421123
Data Compromised: Names, Addresses, Birth dates, Bank account information
Incident : Data Breach VOD93129723
Data Compromised: Name, Birthday, Email address, Mobile phone number, Address, Bank information (iban/bic), Customer password
Incident : Data Breach VOD129261023
Data Compromised: Names, Mobile phone numbers, Last four digits of bank account numbers
Identity Theft Risk: High
Payment Information Risk: Low
Incident : Ransomware Attack VOD41441223
Systems Affected: Vodafone's online sales of 'Callya' prepaid cardsMaterna-operated check-in machines at German airports
Operational Impact: Suspension of online sales and registration of Callya productsCheck-in machine outages at German airports
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Identifiable Information, Subscription Details, Identity Documents With Sensitive Data, Contact Details, , Personal Identifiable Information, Bank Account Information, , Personally Identifiable Information, Bank Information, , Personally Identifiable Information, Bank Account Information and .
Which entities were affected by each incident ?
Incident : Cyberattack VOD153310222
Entity Name: Vodafone Portugal
Entity Type: Telecommunications
Industry: Telecommunications
Location: Portugal
Incident : Data Breach VOD205123422
Entity Name: Vodafone
Entity Type: Telecommunications Company
Industry: Telecommunications
Customers Affected: 18
Incident : Data Breach VOD202921222
Entity Name: Vodafone Italia
Entity Type: Telecommunications
Industry: Telecommunications
Location: Italy
Incident : Data Breach VOD202921222
Entity Name: FourB S.p.A.
Entity Type: Reseller
Industry: Telecommunications
Location: Italy
Incident : Data Breach VOD231421123
Entity Name: Vodafone Group Plc
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: Germany
Customers Affected: 2 million
Incident : Data Breach VOD93129723
Entity Name: Vodafone
Entity Type: Telecommunications Company
Industry: Telecommunications
Incident : Data Breach VOD129261023
Entity Name: Vodafone
Entity Type: Telecommunications Provider
Industry: Telecommunications
Customers Affected: 1827
Incident : Ransomware Attack VOD41441223
Entity Name: Vodafone
Entity Type: Telecommunications Company
Industry: Telecommunications
Incident : Ransomware Attack VOD41441223
Entity Name: Materna
Entity Type: IT Service Company
Industry: Information Technology
Incident : Ransomware Attack VOD41441223
Entity Name: German Airports
Entity Type: Airport
Industry: Aviation
Location: Germany
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyberattack VOD153310222
Third Party Assistance: Local And International Cyber Security Teams.
Incident : Data Breach VOD205123422
Remediation Measures: Technical glitch fixed
Incident : Data Breach VOD93129723
Communication Strategy: Notified customers via email to reset their passwords
Incident : Data Breach VOD129261023
Communication Strategy: Informing affected customers and providing guidance
Incident : Ransomware Attack VOD41441223
Remediation Measures: Newly installed or completely newly configured systems for workers
Communication Strategy: Vodafone's statement about lifting restrictions soon
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through local and international cyber security teams, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach VOD205123422
Type of Data Compromised: Personal Identifiable Information
Number of Records Exposed: 18
Sensitivity of Data: Medium
Personally Identifiable Information: Name, Address, Phone Numbers
Incident : Data Breach VOD202921222
Type of Data Compromised: Subscription details, Identity documents with sensitive data, Contact details
Number of Records Exposed: 295,000
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
Incident : Data Breach VOD231421123
Type of Data Compromised: Personal identifiable information, Bank account information
Number of Records Exposed: 2 million
Sensitivity of Data: High
Personally Identifiable Information: namesaddressesbirth dates
Incident : Data Breach VOD93129723
Type of Data Compromised: Personally identifiable information, Bank information
Sensitivity of Data: High
Incident : Data Breach VOD129261023
Type of Data Compromised: Personally identifiable information, Bank account information
Number of Records Exposed: 1827
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Technical glitch fixed, Newly installed or completely newly configured systems for workers, .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach VOD93129723
Regulatory Notifications: Reported to the Federal Commissioner for Data Protection and Freedom of Information
References
Where can I find more information about each incident ?
Incident : Data Breach VOD93129723
Source: Online Email Notification
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Online Email Notification.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Cyberattack VOD153310222
Investigation Status: Ongoing
Incident : Data Breach VOD129261023
Investigation Status: Ongoing
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Notified customers via email to reset their passwords, Informing affected customers and providing guidance and Vodafone'S Statement About Lifting Restrictions Soon.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach VOD93129723
Customer Advisories: Emails requesting password resets
Incident : Data Breach VOD129261023
Customer Advisories: Guidance provided to affected customers
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Emails requesting password resets and Guidance provided to affected customers.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach VOD93129723
Entry Point: Sales Partner (Vertriebswerk)
Incident : Data Breach VOD129261023
Entry Point: Stolen Credentials
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach VOD205123422
Root Causes: Technical Glitch
Corrective Actions: Technical glitch fixed
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Local And International Cyber Security Teams, .
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Technical glitch fixed.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an FourB S.p.A.Even KelvinSecurity, Unknown, Cybercriminals and Unknown Hackers.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal details including name, address, and phone numbers, subscription details, identity documents with sensitive data, contact details, , names, addresses, birth dates, bank account information, , Name, Birthday, Email Address, Mobile Phone Number, Address, Bank Information (IBAN/BIC), Customer Password, , Names, Mobile Phone Numbers, Last Four Digits of Bank Account Numbers and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was 4G and 5G mobile networksfixed voicetelevisionSMSvoice/digital answering services and Vodafone's online sales of 'Callya' prepaid cardsMaterna-operated check-in machines at German airports.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was local and international cyber security teams, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Name, Bank Information (IBAN/BIC), addresses, Names, Mobile Phone Numbers, birth dates, Last Four Digits of Bank Account Numbers, Mobile Phone Number, Address, Birthday, contact details, subscription details, Customer Password, Personal details including name, address, and phone numbers, Email Address, identity documents with sensitive data, names and bank account information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.3M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Online Email Notification.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Emails requesting password resets and Guidance provided to affected customers.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Sales Partner (Vertriebswerk) and Stolen Credentials.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=vodafone' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
