WBD
Company Details
Linkedin ID:
warner-bros-discovery
Website:
Employees number:
41,820
Number of followers:
1,090,380
NAICS:
71
Industry Type:
Homepage:
wbd.com
IP Addresses:
2547
Company ID:
WAR_3112173
Scan Status:
Completed
Warner Bros. Discovery Company CyberSecurity Posture
wbd.com
Warner Bros. Discovery, a premier global media and entertainment company, offers audiences the world’s most differentiated and complete portfolio of content, brands and franchises across television, film, streaming and gaming. The new company combines WarnerMedia’s premium entertainment, sports and news assets with Discovery’s leading non-fiction and international entertainment and sports businesses. ****Please be aware of recruitment scams by individuals posing as employers and encouraging candidates to apply for, interview and/or accept nonexistent job opportunities as a means to solicit personal information or money. The online scammers have become much more sophisticated in their attempts to lure victims. Employment opportunities and job offers at Warner Bros. Discovery will always come from our Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. WBD does not extend job offers via email or on any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @wbd.com. A valid link for employment with Warner Bros. Discovery can be found at https://careers.wbd.com/global/en. If you believe you have been contacted by a scammer and may be the victim of fraud or identity theft, you should report details to the police where you live. You can also report job scams to the FTC. Learn more at https://consumer.ftc.gov/articles/job-scams. *****
Warner Bros. Discovery A.I CyberSecurity Scoring
WBD Risk Score (AI oriented)Between 800 and 849
WBD
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
WBD Global Score (TPRM)XXXX
WBD
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
WBD Company CyberSecurity News & History
Past Incidents
3
Attack Types
2
Bleacher Report
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported a data breach involving Bleacher Report on December 16, 2016. The breach exposed user login credentials, including first names, last names, usernames (email addresses), and passwords. The specific date of the breach is unknown, but it was reported that unauthorized access occurred on or before early November 2016, affecting an unspecified number of users.
CNN
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: Scammers in West Africa, potentially Nigeria and known as Yahoo Boys, have escalated sextortion tactics using AI to create fake news videos that hound victims into paying ransoms. Fraudsters craft videos with falsified CNN branding, featuring AI-generated anchors falsely accusing individuals of serious crimes, including sexual assault, showing victims' photos and explicit content. The deepfake approach is profoundly malicious, seeking to humiliate and extort money under extreme pressure. Targets extend beyond English-speaking individuals to global victims, indicating an alarming evolution of online scamming and blackmail methodologies.
Home Box Office, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported on October 30, 2017, that Home Box Office, Inc. (HBO) experienced a data breach on May 15, 2017. The breach involved unauthorized access to HBO's information technology network, compromising personally identifiable information of individuals. The specific number of affected individuals and detailed types of personal information compromised remain unknown.
WBD Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for WBD
Incidents vs Entertainment Providers Industry Average (This Year)
No incidents recorded for Warner Bros. Discovery in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Warner Bros. Discovery in 2025.
Incident Types WBD vs Entertainment Providers Industry Avg (This Year)
No incidents recorded for Warner Bros. Discovery in 2025.
Incident History — WBD (X = Date, Y = Severity)
WBD cyber incidents detection timeline including parent company and subsidiaries
WBD Company Subsidiaries
Warner Bros. Discovery, a premier global media and entertainment company, offers audiences the world’s most differentiated and complete portfolio of content, brands and franchises across television, film, streaming and gaming. The new company combines WarnerMedia’s premium entertainment, sports and news assets with Discovery’s leading non-fiction and international entertainment and sports businesses. ****Please be aware of recruitment scams by individuals posing as employers and encouraging candidates to apply for, interview and/or accept nonexistent job opportunities as a means to solicit personal information or money. The online scammers have become much more sophisticated in their attempts to lure victims. Employment opportunities and job offers at Warner Bros. Discovery will always come from our Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident who the recipient is. WBD does not extend job offers via email or on any other messaging tools to individuals to whom we have not made prior contact. Our email domain is @wbd.com. A valid link for employment with Warner Bros. Discovery can be found at https://careers.wbd.com/global/en. If you believe you have been contacted by a scammer and may be the victim of fraud or identity theft, you should report details to the police where you live. You can also report job scams to the FTC. Learn more at https://consumer.ftc.gov/articles/job-scams. *****
Loading...
WBD Similar Companies
Universal Music Group (UMG) is the world leader in music-based entertainment, with a broad array of businesses engaged in recorded music, music publishing, merchandising and audiovisual content in more than 60 countries. Featuring the most comprehensive catalog of recordings and songs across every m
Lucidity
Lucidity Agency Models, también conocida como Lucidity, es una agencia de modelos establecida en vancouver, Canada, en 2010 por el conglomerado The Ivan Group. Lucidity maneja en la actualidad a más de 800 modelos de los cinco continentes, convirtiéndola en la agencia de modelos más grande del mund
Dave & Buster's Inc.
Welcome to Dave & Buster's, the ONLY place to Eat, Drink, Play & Watch Sports®, all under one roof! Here, you can immerse yourself in a world of excitement, from our Million Dollar Midway, packed with the hottest arcade games, to our mouth-watering, chef-crafted creations served in our American rest
Recognized three years in a row by Great Place to Work® and named one of People Magazine’s Top 50 Companies that Care, Live Nation Entertainment is the global leader in live events and ticketing. With business operations and corporate functions across major divisions including Ticketmaster, Concerts
Headquartered in Plano, TX, Cinemark Holdings, Inc. provides premium out-of-home entertainment experiences as one of the largest and most influential theatrical exhibition companies in the world with 497 theatres and 5,653 screens in the U.S. and Latin America as of December 31, 2024. • Our circuit
TikTok
TikTok is a discovery tool made just for you. TikTok is a global platform for discovery, joy and endless possibilities — connecting and entertaining more than a billion people across more than 150 countries. TikTok's headquarters are in Los Angeles and Singapore, with additional offices in Austin
Sony’s purpose is simple. We aim to fill the world with emotion, through the power of creativity and technology. We want to be responsible for getting hearts racing, stirring ambition, and putting a smile on the faces of our customers. That challenge, combined with our spirit of innovation, motivate
Entain
Welcome to Entain. Our journey as Entain began when we evolved from GVC Holdings on 9th December 2020, but our brands have been paving the way and making history since the 1880s. Today, we’re one of the world’s largest sports betting and gaming entertainment groups – a FTSE 100 company that is h
The Walt Disney Company, together with its subsidiaries and affiliates, is a leading diversified international family entertainment and media enterprise that includes three core business segments: Disney Entertainment, ESPN, and Disney Experiences. Our mission is to entertain, inform and inspire pe
.png)
WBD CyberSecurity News
November 26, 2025 10:04 PM
Warner Bros. Studio Operations Hit With Wage And Hour Suit
Warner Bros. Studio Operations and related companies made California employees work through their meal breaks, required them to work unpaid...
November 26, 2025 07:52 PM
Warner Bros. Sale: Paramount Has Edge, But Regulatory Hurdles Loom
Competing bids for Warner Bros. Discovery reveal how antitrust risk, political capital and scale may decide the future of one of Hollywood's...
November 23, 2025 03:45 AM
Two men accused of hacking and extorting US companies previously worked for cybersecurity firms
(CNN) — Two former employees of cybersecurity firms that sold services helping companies combat hackers have been indicted and accused of participating in a...
November 22, 2025 02:49 PM
Paramount, Comcast and Netflix in the running to buy Warner Bros. Discovery
Last week several entertainment giants submitted formal bids for partial or full acquisition of Warner Bros. Discovery, as the first round...
November 21, 2025 08:07 PM
Bidders for Warner Bros Discovery face barrage of political and regulatory risks
Paramount Skydance , Comcast and Netflix are bidding to buy Warner Bros Discovery , Reuters reported on Thursday, but each company's bid...
November 21, 2025 04:47 PM
Paramount, Comcast, Netflix submit bids for Warner Bros. Discovery
Warner Bros. Discovery recently expanded its strategic review of its business, saying it's open for a sale. First-round bids came in this...
November 21, 2025 03:20 PM
Paramount, Comcast and Netflix submit bids for Warner Bros Discovery, source says
Warner Bros Discovery has received preliminary buyout bids from rivals Paramount Skydance , Comcast and Netflix , a source familiar with the...
November 21, 2025 01:19 AM
Paramount, Comcast and Netflix Submit Bids for Warner Bros. Discovery
Of the three bidders, only Paramount is pursuing all of Warner Discovery, including cable channels.
October 31, 2025 07:00 AM
Netflix exploring bid for Warner Bros. Discovery
Tech News News: Netflix is reportedly exploring the acquisition of Warner Bros. Discovery's studio and streaming operations, hiring Moelis...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
WBD CyberSecurity History Information
Official Website of Warner Bros. Discovery
The official website of Warner Bros. Discovery is https://wbd.com/.
Warner Bros. Discovery’s AI-Generated Cybersecurity Score
According to Rankiteo, Warner Bros. Discovery’s AI-generated cybersecurity score is 825, reflecting their Good security posture.
How many security badges does Warner Bros. Discovery’ have ?
According to Rankiteo, Warner Bros. Discovery currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Warner Bros. Discovery have SOC 2 Type 1 certification ?
According to Rankiteo, Warner Bros. Discovery is not certified under SOC 2 Type 1.
Does Warner Bros. Discovery have SOC 2 Type 2 certification ?
According to Rankiteo, Warner Bros. Discovery does not hold a SOC 2 Type 2 certification.
Does Warner Bros. Discovery comply with GDPR ?
According to Rankiteo, Warner Bros. Discovery is not listed as GDPR compliant.
Does Warner Bros. Discovery have PCI DSS certification ?
According to Rankiteo, Warner Bros. Discovery does not currently maintain PCI DSS compliance.
Does Warner Bros. Discovery comply with HIPAA ?
According to Rankiteo, Warner Bros. Discovery is not compliant with HIPAA regulations.
Does Warner Bros. Discovery have ISO 27001 certification ?
According to Rankiteo,Warner Bros. Discovery is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Warner Bros. Discovery
Warner Bros. Discovery operates primarily in the Entertainment Providers industry.
Number of Employees at Warner Bros. Discovery
Warner Bros. Discovery employs approximately 41,820 people worldwide.
Subsidiaries Owned by Warner Bros. Discovery
Warner Bros. Discovery presently has no subsidiaries across any sectors.
Warner Bros. Discovery’s LinkedIn Followers
Warner Bros. Discovery’s official LinkedIn profile has approximately 1,090,380 followers.
NAICS Classification of Warner Bros. Discovery
Warner Bros. Discovery is classified under the NAICS code 71, which corresponds to Arts, Entertainment, and Recreation.
Warner Bros. Discovery’s Presence on Crunchbase
No, Warner Bros. Discovery does not have a profile on Crunchbase.
Warner Bros. Discovery’s Presence on LinkedIn
Yes, Warner Bros. Discovery maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/warner-bros-discovery.
Cybersecurity Incidents Involving Warner Bros. Discovery
As of November 27, 2025, Rankiteo reports that Warner Bros. Discovery has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Warner Bros. Discovery has an estimated 7,228 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Warner Bros. Discovery ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: AI-Generated Sextortion Scam
Description: Scammers in West Africa, potentially Nigeria and known as Yahoo Boys, have escalated sextortion tactics using AI to create fake news videos that hound victims into paying ransoms. Fraudsters craft videos with falsified CNN branding, featuring AI-generated anchors falsely accusing individuals of serious crimes, including sexual assault, showing victims' photos and explicit content. The deepfake approach is profoundly malicious, seeking to humiliate and extort money under extreme pressure. Targets extend beyond English-speaking individuals to global victims, indicating an alarming evolution of online scamming and blackmail methodologies.
Type: Sextortion
Attack Vector: Deepfake videos
Threat Actor: Yahoo Boys
Motivation: Financial gain
Title: HBO Data Breach
Description: Unauthorized access to HBO's information technology network, compromising personally identifiable information of individuals.
Date Detected: 2017-05-15
Date Publicly Disclosed: 2017-10-30
Type: Data Breach
Attack Vector: Unauthorized Access
Title: Bleacher Report Data Breach
Description: The California Office of the Attorney General reported a data breach involving Bleacher Report on December 16, 2016. The breach exposed user login credentials, including first names, last names, usernames (email addresses), and passwords. The specific date of the breach is unknown, but it was reported that unauthorized access occurred on or before early November 2016, affecting an unspecified number of users.
Date Publicly Disclosed: 2016-12-16
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach HBO508072525
Data Compromised: Personally identifiable information
Incident : Data Breach BLE208072825
Data Compromised: First names, Last names, Usernames (email addresses), Passwords
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information, First Names, Last Names, Usernames (Email Addresses), Passwords and .
Which entities were affected by each incident ?
Incident : Sextortion CNN000012825
Location: Global
Incident : Data Breach HBO508072525
Entity Name: Home Box Office, Inc. (HBO)
Entity Type: Entertainment Company
Industry: Entertainment
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach HBO508072525
Type of Data Compromised: Personally Identifiable Information
Incident : Data Breach BLE208072825
Type of Data Compromised: First names, Last names, Usernames (email addresses), Passwords
Personally Identifiable Information: first nameslast namesusernames (email addresses)
References
Where can I find more information about each incident ?
Incident : Data Breach HBO508072525
Source: California Office of the Attorney General
Date Accessed: 2017-10-30
Incident : Data Breach BLE208072825
Source: California Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2017-10-30, and Source: California Office of the Attorney General.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Yahoo Boys.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2017-05-15.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2016-12-16.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Personally Identifiable Information, , first names, last names, usernames (email addresses), passwords and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were first names, usernames (email addresses), last names, passwords and Personally Identifiable Information.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=warner-bros-discovery' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
