
Walgreens Boots Alliance (Nasdaq: WBA) is an integrated healthcare, pharmacy and retail leader serving millions of customers and patients every day, with a 170-year heritage of caring for communities. A trusted, global innovator in retail pharmacy with more than 12,500 locations across the U.S., Europe and Latin America, WBA plays a critical role in the healthcare ecosystem. The company is reimagining local healthcare and well-being for all as part of its purpose – to create more joyful lives through better health. Through dispensing medicines, improving access to a wide range of health services, providing high quality health and beauty products and offering anytime, anywhere convenience across its digital platforms, WBA is shaping the future of healthcare. WBA employs approximately 330,000 people and has a presence in eight countries through its portfolio of consumer brands: Walgreens, Boots, Duane Reade, the No7 Beauty Company and Benavides in Mexico. Additionally, WBA has a portfolio of healthcare-focused investments located in several countries, including China and the U.S. The company is proud of its contributions to healthy communities, a healthy planet, an inclusive workplace and a sustainable marketplace. WBA has been recognized for its commitment to being an inclusive workplace. In fiscal 2023, the Company received a score of 100 from the Human Rights Campaign’s Corporate Equality Index, scored 100 percent on the Disability Equality Index for disability inclusion and was named Disability:IN’s 2023 Employer of the Year. In addition, WBA has been recognized for its commitment to operating sustainably as the company is an index component of the Dow Jones Sustainability Indices (DJSI).

Walgreens Boots Alliance A.I CyberSecurity Scoring

WBA

Company Details

LinkedIn ID: walgreens-boots-alliance
Employees number: 132,058
Number of followers: 159,292
NAICS: 44611
Industry Type: Retail Pharmacies
Homepage: walgreensbootsalliance.com
IP Addresses: 0
Company ID: WAL_6814701
Scan Status: In-progress

WBA Risk Score (AI oriented)

Between 750 and 799

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

WBA Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

WBA Company CyberSecurity News & History

Past Incidents: 7
Attack Types: 2

Boots UK
Breach
Severity: 100
Impact: 4
Seen: 06/2023
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The data breach experienced by the payroll company Zellis affected The BBC, Boots, and British Airways. The BBC is collaborating closely with Zellis as they urgently examine the scope of the data breach at their third-party supplier after becoming aware of it. An unauthenticated attacker might take advantage of the SQL injection vulnerability to access the database of MOVEit Transfer without authorization. The cybersecurity problem at Zellis, which included one of their third-party providers called MOVEit, has been reported to British Airways as having affected them.

Boots UK
Data Leak
Severity: 50
Impact: 2
Seen: 03/2020
Rankiteo Explanation
Attack limited on finance or reputation

Description: Boots had suspended payments using loyalty card points after a cyber attack on its customer database. Hackers broke into Advantage Card accounts to steal customers’ reward points to spend on themselves. The issue affected less than 1% of the company’s 14.4 million active loyalty card users – around 150,000 people. No credit card information had been taken.

Walgreens: Judicial Panel Declines Coordination of Salesforce Data Breach Suits But Transfers TransUnion Cases
Breach
Severity: 50
Impact: 2
Seen: 12/2025
Rankiteo Explanation
Attack limited on finance or reputation

Description: Walgreens Faces Legal Action Over Credit Card Receipt Data Exposure. A recent lawsuit alleges that Walgreens violated the Fair and Accurate Credit Transactions Act (FACTA) of 2003 by improperly printing payment card details on a customer’s receipt. The plaintiff claims the drugstore chain failed to comply with the law’s truncation requirement, which mandates that receipts display only the last five digits of a card number to protect consumer data. Instead, the receipt in question reportedly included the first six and last four digits of the 16-digit card number, potentially exposing sensitive financial information. FACTA was enacted to prevent identity theft by limiting the disclosure of full card numbers on printed receipts. The case highlights ongoing concerns about retailer compliance with data protection laws, particularly in point-of-sale systems. If proven, the violation could result in penalties under FACTA, which allows for statutory damages in such cases. The outcome may set a precedent for how businesses handle payment receipts moving forward.

Walgreen Co.
Breach
Severity: 60
Impact: 2
Seen: 12/2017
Rankiteo Explanation
Attack limited on finance or reputation

Description: On June 19, 2018, the California Office of the Attorney General reported a data breach involving Walgreen Co., which was discovered on April 17, 2018. Unauthorized skimming devices were found at two Walgreens-owned Rite Aid locations in Nashville, TN, potentially affecting customer payment card information. The breach may involve customer credit or debit card numbers, associated PINs, and possibly names, although there are no known reports of fraud as a result of this incident.

Walgreen Co.
Breach
Severity: 85
Impact: 4
Seen: 5/2020
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach between May 26 and June 5, 2020, involving unauthorized entries into multiple Walgreens stores impacting customer health-related information. Specific details on the number of affected individuals are unknown, but compromised information may include names, addresses, phone numbers, date of birth, medication details, and other health-related data.

Walgreen Co.
Breach
Severity: 85
Impact: 4
Seen: 1/2020
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach on January 15, 2020, which allowed unauthorized viewing of personal messages within the Walgreens mobile app. The breach affected messages containing limited health-related information of customers and involved a potential exposure of customer names, prescription numbers, and addresses. The notification was reported on February 28, 2020.

Walgreens
Data Leak
Severity: 85
Impact: 3
Seen: 09/2021
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: Walgreens’ Covid-19 test registration system exposed patient data of millions of people who got Covid-19 tests through Walgreens. The personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. However, Walgreens added an authentication screen to its Covid-19 test confirmation pages and made it mandatory for anyone who wants to access the test confirmation pages to enter the patient’s date of birth first.


Underwriter Stats for WBA

Incidents vs Retail Pharmacies Industry Average (This Year)

No incidents recorded for Walgreens Boots Alliance in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Walgreens Boots Alliance in 2025.

Incident Types WBA vs Retail Pharmacies Industry Avg (This Year)

No incidents recorded for Walgreens Boots Alliance in 2025.

Incident History — WBA (X = Date, Y = Severity)

WBA cyber incidents detection timeline including parent company and subsidiaries


WBA Similar Companies

Walgreens

Founded in 1901, Walgreens (www.walgreens.com) has a storied heritage of caring for communities for generations and proudly serves nearly 9 million customers and patients each day across its approximately 8,500 stores throughout the U.S. and Puerto Rico, and leading omni-channel platforms. Walgreens


WBA CyberSecurity News

December 10, 2025 07:08 PM
Walgreens Boots Alliance (WBA) Stock in December 2025: Buyout Price, Delisting, and What’s Left for Investors

As of December 7, 2025, WBA stock is no longer a normal stock at all. Walgreens Boots Alliance has been taken private by Sycamore Partners,...

November 05, 2025 08:00 AM
DOJ Clears Google's $32B Deal To Buy Cybersecurity Co. Wiz

Google's plan to acquire Wiz for $32 billion and integrate the growing cloud security platform into Google Cloud has cleared the U.S....

August 29, 2025 07:00 AM
Sycamore finalises acquisition of Walgreens Boots Alliance

Private equity company Sycamore Partners has concluded the buyout of US retail pharmacy giant Walgreens Boots Alliance (WBA).

July 13, 2025 07:00 AM
Media Bites 14 July: tariffs, shopworkers, cybersecurity

Trump has announced a 30% tariff on imports from the EU from 1 August, and Morrisons has banned shop floor staff from stockrooms.

June 27, 2025 07:00 AM
Walgreens Boots Alliance says US front-end sales ‘weak’ in Q3 2025

US pharmacy Walgreens Boots Alliance (WBA) saw a 7.2% increase in sales to $39bn in the third quarter of fiscal 2025 (FY25),...

May 16, 2025 07:00 AM
Rite Aid Sale of Customer Health Data Looms as Security Concern

The pending sale of millions of customer health records as part of Rite Aid Corp.'s bankruptcy proceedings is putting a spotlight on data security protections.

May 15, 2025 07:00 AM
Walgreens Boots Alliance (WBA) Laps the Stock Market: Here's Why

In the most recent trading session, Walgreens Boots Alliance (WBA) closed at $11.18, indicating a +0.45% shift from the previous trading...

April 09, 2025 07:00 AM
Walgreens Boots Alliance sees net loss narrowed in Q2 FY25

US healthcare, pharmacy and retail company Walgreens Boots Alliance (WBA) has disclosed a net loss of $2.85bn for the second quarter (Q2) of...

March 18, 2025 07:00 AM
Google Buying Cybersecurity Co. Wiz In $32B Deal

Google said Tuesday it has agreed to acquire Wiz for $32 billion and integrate the growing cloud security platform into Google Cloud,...


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

WBA CyberSecurity History Information

Official Website of Walgreens Boots Alliance

The official website of Walgreens Boots Alliance is http://www.walgreensbootsalliance.com.

Walgreens Boots Alliance’s AI-Generated Cybersecurity Score

According to Rankiteo, Walgreens Boots Alliance’s AI-generated cybersecurity score is 784, reflecting their Fair security posture.

How many security badges does Walgreens Boots Alliance have ?

According to Rankiteo, Walgreens Boots Alliance currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Walgreens Boots Alliance have SOC 2 Type 1 certification ?

According to Rankiteo, Walgreens Boots Alliance is not certified under SOC 2 Type 1.

Does Walgreens Boots Alliance have SOC 2 Type 2 certification ?

According to Rankiteo, Walgreens Boots Alliance does not hold a SOC 2 Type 2 certification.

Does Walgreens Boots Alliance comply with GDPR ?

According to Rankiteo, Walgreens Boots Alliance is not listed as GDPR compliant.

Does Walgreens Boots Alliance have PCI DSS certification ?

According to Rankiteo, Walgreens Boots Alliance does not currently maintain PCI DSS compliance.

Does Walgreens Boots Alliance comply with HIPAA ?

According to Rankiteo, Walgreens Boots Alliance is not compliant with HIPAA regulations.

Does Walgreens Boots Alliance have ISO 27001 certification ?

According to Rankiteo, Walgreens Boots Alliance is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Walgreens Boots Alliance

Walgreens Boots Alliance operates primarily in the Retail Pharmacies industry.

Number of Employees at Walgreens Boots Alliance

Walgreens Boots Alliance employs approximately 132,058 people worldwide.

Subsidiaries Owned by Walgreens Boots Alliance

Walgreens Boots Alliance presently has no subsidiaries across any sectors.

Walgreens Boots Alliance’s LinkedIn Followers

Walgreens Boots Alliance’s official LinkedIn profile has approximately 159,292 followers.

NAICS Classification of Walgreens Boots Alliance

Walgreens Boots Alliance is classified under the NAICS code 44611, which corresponds to Pharmacies and Drug Stores.

Walgreens Boots Alliance’s Presence on Crunchbase

No, Walgreens Boots Alliance does not have a profile on Crunchbase.

Walgreens Boots Alliance’s Presence on LinkedIn

Yes, Walgreens Boots Alliance maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/walgreens-boots-alliance.

Cybersecurity Incidents Involving Walgreens Boots Alliance

As of December 19, 2025, Rankiteo reports that Walgreens Boots Alliance has experienced 7 cybersecurity incidents.

Number of Peer and Competitor Companies

Walgreens Boots Alliance has an estimated 76 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Walgreens Boots Alliance ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Data Leak.

How does Walgreens Boots Alliance detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through containment measures (an added authentication screen on Covid-19 test confirmation pages) and remediation measures (making it mandatory to enter the patient’s date of birth first).

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: Boots Loyalty Card Points Theft

Description: Hackers broke into Advantage Card accounts to steal customers’ reward points to spend on themselves.

Type: Data Breach

Attack Vector: Account Compromise

Threat Actor: Unknown Hackers

Motivation: Financial Gain

Incident : Data Exposure

Title: Walgreens Covid-19 Test Registration System Data Exposure

Description: Walgreens’ Covid-19 test registration system exposed patient data of millions of people who got Covid-19 tests through Walgreens. The personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect.

Type: Data Exposure

Attack Vector: Open Web Exposure

Vulnerability Exploited: Lack of Authentication

Incident : Data Breach

Title: Data Breach at Zellis Affecting The BBC, Boots, and British Airways

Description: The data breach experienced by the payroll company Zellis affected The BBC, Boots, and British Airways. The BBC is collaborating closely with Zellis as they urgently examine the scope of the data breach at their third-party supplier after becoming aware of it. An unauthenticated attacker might take advantage of the SQL injection vulnerability to access the database of MOVEit Transfer without authorization. The cybersecurity problem at Zellis, which included one of their third-party providers called MOVEit, has been reported to British Airways as having affected them.

Type: Data Breach

Attack Vector: SQL Injection

Vulnerability Exploited: SQL Injection

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: Unauthorized skimming devices were found at two Walgreens-owned Rite Aid locations in Nashville, TN, potentially affecting customer payment card information.

Date Detected: 2018-04-17

Date Publicly Disclosed: 2018-06-19

Type: Data Breach

Attack Vector: Skimming Devices

Vulnerability Exploited: Physical Security

Motivation: Financial Gain

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: Unauthorized viewing of personal messages within the Walgreens mobile app, exposing limited health-related information of customers.

Date Detected: 2020-01-15

Date Publicly Disclosed: 2020-02-28

Type: Data Breach

Attack Vector: Mobile App Vulnerability

Vulnerability Exploited: Unauthorized Access

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach between May 26 and June 5, 2020, involving unauthorized entries into multiple Walgreens stores impacting customer health-related information. Specific details on the number of affected individuals are unknown, but compromised information may include names, addresses, phone numbers, date of birth, medication details, and other health-related data.

Date Detected: 2020-05-26

Type: Data Breach

Attack Vector: Unauthorized Entry

Incident : Data Exposure

Title: Walgreens Credit Card Receipt Data Exposure

Description: The plaintiff, Marianna Wharry, brought a claim against Walgreens under the Fair and Accurate Credit Transactions Act of 2003, alleging the company violated the law's truncation requirement by including the first six digits and the last four digits of her 16-digit card number on her receipt.

Type: Data Exposure

Vulnerability Exploited: Improper truncation of payment card information on receipts

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through MOVEit Transfer and Skimming Devices.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach BOO2325221222

Data Compromised: Loyalty Points

Systems Affected: Customer Database

Incident : Data Exposure WAL221827123

Data Compromised: Name, Date of birth, Gender identity, Phone number, Address, Email

Systems Affected: Covid-19 Test Registration System

Incident : Data Breach BOO74919923

Systems Affected: MOVEit Transfer

Incident : Data Breach WAL127072425

Data Compromised: Customer credit or debit card numbers, Associated pins, Possibly names

Payment Information Risk: High

Incident : Data Breach WAL748072525

Data Compromised: Customer names, Prescription numbers, Addresses, Limited health-related information

Systems Affected: Walgreens mobile app

Incident : Data Breach WAL920080425

Data Compromised: Names, Addresses, Phone numbers, Date of birth, Medication details, Other health-related data

Incident : Data Exposure WAL1766022901

Data Compromised: Payment card information (first six and last four digits of 16-digit card number)

Systems Affected: Point-of-sale (POS) or receipt generation system

Brand Reputation Impact: Potential reputational damage due to regulatory violation

Legal Liabilities: Lawsuit under the Fair and Accurate Credit Transactions Act of 2003

Identity Theft Risk: Increased risk of identity theft or payment fraud

Payment Information Risk: Exposure of partial payment card details

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Loyalty Points, Personal Data, Customer Credit Or Debit Card Numbers, Associated Pins, Possibly Names, Customer Names, Prescription Numbers, Addresses, Limited Health-Related Information, Names, Addresses, Phone Numbers, Date Of Birth, Medication Details, Other Health-Related Data, and Payment card information.

Which entities were affected by each incident ?

Incident : Data Breach BOO2325221222

Entity Name: Boots

Entity Type: Retail

Industry: Pharmacy and Healthcare

Size: Large

Customers Affected: 150,000

Incident : Data Exposure WAL221827123

Entity Name: Walgreens

Entity Type: Pharmacy

Industry: Healthcare

Customers Affected: Millions

Incident : Data Breach BOO74919923

Entity Name: The BBC

Entity Type: Media Corporation

Industry: Media

Incident : Data Breach BOO74919923

Entity Name: Boots

Entity Type: Retailer

Industry: Retail

Incident : Data Breach BOO74919923

Entity Name: British Airways

Entity Type: Airline

Industry: Aviation

Incident : Data Breach WAL127072425

Entity Name: Walgreen Co.

Entity Type: Retail

Industry: Pharmacy

Location: Nashville, TN

Incident : Data Breach WAL748072525

Entity Name: Walgreen Co.

Entity Type: Company

Industry: Healthcare

Incident : Data Breach WAL920080425

Entity Name: Walgreen Co.

Entity Type: Retail

Industry: Pharmacy

Location: Multiple Walgreens stores

Incident : Data Exposure WAL1766022901

Entity Name: Walgreens

Entity Type: Retail Pharmacy

Industry: Healthcare/Retail

Customers Affected: At least one (Marianna Wharry)

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Exposure WAL221827123

Containment Measures: Added authentication screen to Covid-19 test confirmation pages

Remediation Measures: Made it mandatory to enter the patient’s date of birth first

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach BOO2325221222

Type of Data Compromised: Loyalty Points

Number of Records Exposed: 150,000

Sensitivity of Data: Low

Incident : Data Exposure WAL221827123

Type of Data Compromised: Personal Data

Number of Records Exposed: Millions

Sensitivity of Data: High

Incident : Data Breach WAL127072425

Type of Data Compromised: Customer credit or debit card numbers, Associated pins, Possibly names

Sensitivity of Data: High

Personally Identifiable Information: Possibly names

Incident : Data Breach WAL748072525

Type of Data Compromised: Customer names, Prescription numbers, Addresses, Limited health-related information

Sensitivity of Data: Medium

Personally Identifiable Information: Customer names, Prescription numbers, Addresses

Incident : Data Breach WAL920080425

Type of Data Compromised: Names, Addresses, Phone numbers, Date of birth, Medication details, Other health-related data

Sensitivity of Data: High

Personally Identifiable Information: names, addresses, phone numbers, date of birth

Incident : Data Exposure WAL1766022901

Type of Data Compromised: Payment card information

Number of Records Exposed: At least one

Sensitivity of Data: High (partial payment card details)

Personally Identifiable Information: Partial payment card number

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Made it mandatory to enter the patient’s date of birth first.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) by adding an authentication screen to Covid-19 test confirmation pages.

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Exposure WAL1766022901

Regulations Violated: Fair and Accurate Credit Transactions Act of 2003 (FACTA)

Legal Actions: Lawsuit filed by plaintiff

How does the company ensure compliance with regulatory requirements ?

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Lawsuit filed by plaintiff.

References

Where can I find more information about each incident ?

Incident : Data Breach WAL127072425

Source: California Office of the Attorney General

Date Accessed: 2018-06-19

Incident : Data Breach WAL748072525

Source: California Office of the Attorney General

Date Accessed: 2020-02-28

Incident : Data Breach WAL920080425

Source: California Office of the Attorney General

Incident : Data Exposure WAL1766022901

Source: Legal case filing

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: California Office of the Attorney General (Date Accessed: 2018-06-19); California Office of the Attorney General (Date Accessed: 2020-02-28); California Office of the Attorney General; and Legal case filing.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach BOO74919923

Entry Point: MOVEit Transfer

Incident : Data Breach WAL127072425

Entry Point: Skimming Devices

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Exposure WAL1766022901

Root Causes: Failure to properly truncate payment card information on receipts as required by FACTA

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was Unknown Hackers.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2018-04-17.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-02-28.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Loyalty Points, Name, Date of Birth, Gender Identity, Phone Number, Address, Email, Customer credit or debit card numbers, Associated PINs, Possibly names, Customer names, Prescription numbers, Addresses, Limited health-related information, names, addresses, phone numbers, date of birth, medication details, other health-related data, and Payment card information (first six and last four digits of 16-digit card number).

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant systems affected in an incident were MOVEit Transfer and the Walgreens mobile app.

Response to the Incidents

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measure taken in the most recent incident was: Added authentication screen to Covid-19 test confirmation pages.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Customer names, phone numbers, date of birth, Loyalty Points, addresses, medication details, Name, Customer credit or debit card numbers, Limited health-related information, Prescription numbers, Phone Number, Possibly names, Addresses, names, Address, Gender Identity, other health-related data, Date of Birth, Email, Associated PINs and Payment card information (first six and last four digits of 16-digit card number).

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 150.0B.

Regulatory Compliance

What was the most significant legal action taken for a regulatory violation ?

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Lawsuit filed by plaintiff.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are California Office of the Attorney General and Legal case filing.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry points used by an initial access broker were Skimming Devices and MOVEit Transfer.


Latest Global CVEs (Not Company-Specific)

Description

Zerobyte is a backup automation tool. Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This is dangerous for those who have exposed Zerobyte to be used outside of their internal network. A fix has been applied in both version 0.19.0 and 0.18.5. If immediate upgrade is not possible, restrict network access to the Zerobyte instance to trusted networks only using firewall rules or network segmentation. This is only a temporary mitigation; upgrading is strongly recommended.

Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description

Open Source Point of Sale (opensourcepos) is a web based point of sale application written in PHP using CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Cross-Site Request Forgery (CSRF) vulnerability exists in the application's filter configuration. The CSRF protection mechanism was **explicitly disabled**, allowing the application to process state-changing requests (POST) without verifying a valid CSRF token. An unauthenticated remote attacker can exploit this by hosting a malicious web page. If a logged-in administrator visits this page, their browser is forced to send unauthorized requests to the application. A successful exploit allows the attacker to silently create a new Administrator account with full privileges, leading to a complete takeover of the system and loss of confidentiality, integrity, and availability. The vulnerability has been patched in version 3.4.2. The fix re-enables the CSRF filter in `app/Config/Filters.php` and resolves associated AJAX race conditions by adjusting token regeneration settings. As a workaround, administrators can manually re-enable the CSRF filter in `app/Config/Filters.php` by uncommenting the protection line. However, this is not recommended without applying the full patch, as it may cause functionality breakage in the Sales module due to token synchronization issues.

Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description

Zed, a code editor, has an arbitrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Model Context Protocol (MCP) configurations from the `settings.json` file located within a project’s `.zed` subdirectory. A malicious MCP configuration can contain arbitrary shell commands that run on the host system with the privileges of the user running the IDE. This can be triggered automatically without any user interaction besides opening the project in the IDE. Version 0.218.2-pre fixes the issue by implementing a worktree trust mechanism. As a workaround, users should carefully review the contents of project settings files (`./zed/settings.json`) before opening new projects in Zed.

Risk Information
cvss3
Base: 7.7
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Description

Zed, a code editor, has an arbitrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol (LSP) configurations from the `settings.json` file located within a project’s `.zed` subdirectory. A malicious LSP configuration can contain arbitrary shell commands that run on the host system with the privileges of the user running the IDE. This can be triggered when a user opens a project file for which there is an LSP entry. A concerted effort by an attacker to seed a project settings file (`./zed/settings.json`) with malicious language server configurations could result in arbitrary code execution with the user's privileges if the user opens the project in Zed without reviewing the contents. Version 0.218.2-pre fixes the issue by implementing a worktree trust mechanism. As a workaround, users should carefully review the contents of project settings files (`./zed/settings.json`) before opening new projects in Zed.

Risk Information
cvss3
Base: 7.7
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Description

Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a `.env` file, which could, in specific circumstances, lead to those variables being unexpectedly bundled into the artifacts created by the `storybook build` command. When a built Storybook is published to the web, the bundle’s source is viewable, thus potentially exposing those variables to anyone with access. For a project to potentially be vulnerable to this issue, it must build the Storybook (i.e. run `storybook build` directly or indirectly) in a directory that contains a `.env` file (including variants like `.env.local`) and publish the built Storybook to the web. Storybooks built without a `.env` file at build time are not affected, including common CI-based builds where secrets are provided via platform environment variables rather than `.env` files. Storybook runtime environments (i.e. `storybook dev`) are not affected. Deployed applications that share a repo with your Storybook are not affected. Users should upgrade their Storybook, on both their local machines and CI environment, to version 7.6.21, 8.6.15, 9.1.17, or 10.1.10 as soon as possible. Maintainers additionally recommend that users audit for any sensitive secrets provided via `.env` files and rotate those keys. Some projects may have been relying on the undocumented behavior at the heart of this issue and will need to change how they reference environment variables after this update. If a project can no longer read necessary environmental variable values, either prefix the variables with `STORYBOOK_` or use the `env` property in Storybook’s configuration to manually specify values. In either case, do not include sensitive secrets as they will be included in the built bundle.

Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=walgreens-boots-alliance' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.