What is the official website of Wells Fargo ?

The official website of Wells Fargo is http://www.wellsfargo.com.

What is Wells Fargo's cybersecurity risk score?

Wells Fargo has an AI-generated cybersecurity risk score of 796 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Wells Fargo experienced?

According to Rankiteo, Wells Fargo currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Wells Fargo been affected by any supply chain cyber incidents ?

According to Rankiteo, Wells Fargo has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Wells Fargo have SOC 2 Type 1 certification ?

According to Rankiteo, Wells Fargo is not certified under SOC 2 Type 1.

Does Wells Fargo have SOC 2 Type 2 certification ?

According to Rankiteo, Wells Fargo does not hold a SOC 2 Type 2 certification.

Does Wells Fargo comply with GDPR ?

According to Rankiteo, Wells Fargo is not listed as GDPR compliant.

Does Wells Fargo have PCI DSS certification ?

According to Rankiteo, Wells Fargo does not currently maintain PCI DSS compliance.

Does Wells Fargo comply with HIPAA ?

According to Rankiteo, Wells Fargo is not compliant with HIPAA regulations.

Does Wells Fargo have ISO 27001 certification ?

According to Rankiteo,Wells Fargo is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Wells Fargo operate in ?

Wells Fargo operates primarily in the Financial Services industry.

How many employees does Wells Fargo have ?

Wells Fargo employs approximately 221,512 people worldwide.

Does Wells Fargo own any subsidiaries ?

Wells Fargo presently has no subsidiaries across any sectors.

How many LinkedIn followers does Wells Fargo have ?

Wells Fargo's official LinkedIn profile has approximately 3,162,962 followers.

What is the NAICS classification code for Wells Fargo ?

Wells Fargo is classified under the NAICS code 52, which corresponds to Finance and Insurance.

Does Wells Fargo have a Crunchbase profile ?

No, Wells Fargo does not have a profile on Crunchbase.

Does Wells Fargo have a LinkedIn profile ?

Yes, Wells Fargo maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/wellsfargo.

How many cybersecurity incidents has Wells Fargo experienced ?

As of June 16, 2026, Rankiteo reports that Wells Fargo has experienced 5 cybersecurity incidents.

How many peer or competitor companies does Wells Fargo have ?

Wells Fargo has an estimated 32,101 peer or competitor companies worldwide.

What types of cybersecurity incidents has Wells Fargo faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Wells Fargo

Boost Score +25 with badge (5 left)

796

/1000

Fair

821

/1000

Good

Wells Fargo Vendor Cyber Rating & Cyber Score

wellsfargo.com

Add Your Compliance Badge

Wells Fargo & Company (NYSE: WFC) is a diversified, community-based financial services company with approximately $1.9 trillion in assets. Wells Fargo’s vision is to satisfy our customers’ financial needs and help them succeed financially. Founded in 1852 and headquartered in San Francisco, Wells Fargo provides banking, investment and mortgage products and services, as well as consumer and commercial finance, through more than 7,300 locations, 12,000 ATMs, the internet (wellsfargo.com) and mobile banking, and has offices in over 40 countries and territories to support customers who conduct business in the global economy. With approximately 250,000 team members, Wells Fargo serves one in three households in the United States. Wells Fargo &

Wells Fargo A.I CyberSecurity Scoring

Scoring History

Wells Fargo

Wells Fargo CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Wells Fargo

Cyber Attack

12/2025

CITWELNAVUSAFID...

Wells Fargo

Breach

5/2022

WEL033091825

Wells Fargo

Breach

12/2021

WEL539072925

Wells Fargo

Breach

11/2019

WEL1014090725

Wells Fargo

Breach

7/2017

WEL659072525

Loading…

A.I.

Wells Fargo Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Wells Fargo

Incidents vs Financial Services Industry Avg (This Year)

No incidents recorded for Wells Fargo in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Wells Fargo in 2026.

Incident Types Wells Fargo vs Financial Services Industry Avg (This Year)

No incidents recorded for Wells Fargo in 2026.

Incident History - Wells Fargo (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Wells Fargo Subsidiaries

Wells Fargo

Financial Services

Website: http://www.wellsfargo.com

Company Size: 10,000+ employees

Wells Fargo Corporate & Investment BankingFinancial Services

Wells Fargo AdvisorsFinancial Services

Loading…

Wells Fargo Similar Companies

Lars Larsen Group

larslarsengroup.com

Lars Larsen Group is owned by the Brunsborg family, descendants of JYSK founder Lars Larsen. The Group owns companies within a number of business areas including furniture, interior design, restaurants and hotels, and is also an active investor in equities, funds, and real estate. The Group is to this day operated in accordance with the family’s fundamental values of tradesmanship, responsibility and growth.

CIMB

cimb.com

CIMB Group is a leading ASEAN universal bank, one of the largest Asian investment banks and one of the world's largest Islamic banks. We are headquartered in Kuala Lumpur, Malaysia and offer consumer banking, commercial banking, wholesale banking, Islamic banking, and asset management products and services. As the fifth largest banking group in ASEAN, we have over 36,000 staff in 16 locations across ASEAN, Asia and beyond. CIMB Bank and CIMB Islamic Bank are members of PIDM.

Prudential Financial

prudential.com

Prudential Financial (NYSE:PRU) was founded on the belief that financial security should be within reach for everyone, and for over 140 years, we have helped our customers reach their potential and tackle life's challenges for now and future generations to come. Today, we are one of the world’s largest financial services institutions, offering individual and institutional clients a wide array of financial products and services. With operations in the United States, Asia, Europe and Latin America, we are known for delivering on our promises to our customers, and are recognized as a trusted brand and one of the world’s most admired companies. We also have one of the most recognized and trusted brand symbols: The Rock®, an icon of strength, stability, expertise and innovation. We measure our long-term success on our ability to deliver value for shareholders, meet customer needs, and attract and develop the best talent in our industry. We offer an inclusive work environment where employees can develop to their full potential, and give back to the communities where we live and work. (Pru.us/disclaimer)

LPL Financial

lpl.com

LPL Financial Holdings Inc. (Nasdaq: LPLA) is among the fastest growing wealth management firms in the U.S. As a leader in the financial advisor-mediated marketplace, LPL supports over 29,000 financial advisors and the wealth management practices of approximately 1,100 financial institutions, servicing and custodying approximately $1.9 trillion in brokerage and advisory assets on behalf of approximately 7 million Americans. The firm provides a wide range of advisor affiliation models, investment solutions, fintech tools and practice management services, ensuring that advisors and institutions have the flexibility to choose the business model, services, and technology resources they need to run thriving businesses.

PING AN

cb pingan.com

This is the official Company Page of Ping An Insurance (Group) Company of China, Ltd. (HKEx: 2318; SSE: 601318; ADR: PNGAY). Ping An strives to become a world leading technology-powered financial services group. We believe the way people receive financial services and healthcare in the future will be through intelligent ecosystems enabled by technology. With over 220 million retail customers and nearly 611 million Internet users, Ping An is one of the largest financial services companies in the world. Technology has enabled us to bring changes to the landscape of retail finance and healthcare in China. Supported by the Group’s strong core financials, our continued investment in fintech and healthtech resulted in increasing revenue contributions from our tech units as well as several unicorns. Ping An ranked 6th in the Forbes Global 2000 list and 16th in the Fortune Global 500 list in 2021. Follow us for latest news, events and job opportunities.

BDO Unibank

cb bdo.com.ph

BDO is a full-service universal bank in the Philippines. It provides a complete array of industry-leading products and services including Lending (corporate and consumer), Deposit-taking, Foreign Exchange, Brokering, Trust and Investments, Credit Cards, Corporate Cash Management, and Remittances in the Philippines. Through its local subsidiaries, the Bank offers Leasing and Financing, Investment Banking, Private Banking, Rural Banking, Life Insurance, Insurance Brokerage, and Stock Brokerage services. BDO's institutional strengths and value-added products and services hold the key to its successful business relationships with customers. Its branches remain at the forefront of setting high standards as a sales- and service-oriented, customer-focused force. BDO has one of the largest distribution networks, with more than 1,600 operating branches and over 4,500 ATMs nationwide. Through selective acquisitions and organic growth, BDO has positioned itself for increased balance sheet strength and continuing expansion into new markets. As of 30 June 2022, BDO is the country's largest bank in terms of total resources, customer loans, deposits, and assets under management. BDO is a publicly listed company (PLC), with its shares currently being traded at the Philippine Stock Exchange under the symbol “BDO”. BDO Unibank is regulated by the Banko Sentral ng Pilipinas. https://www.bsp.gov.ph For concerns, please visit any BDO branch near you or reach us through any of the channels listed in the Consumer Assistance page of our website: https://www.bdo.com.ph/consumer-assistance. Deposits are insured by PDIC up to P1 Million per depositor. The BDO, BDO Unibank and other BDO-related trademarks are owned by BDO Unibank, Inc. All Rights Reserved.

Absa Group

absa.africa

Absa Group Limited (Absa) has forged a new way of getting things done, driven by bravery and passion, with the readiness to realise growth on the African continent and beyond. We’re a truly African brand, inspired by the people we serve in Botswana, Ghana, Kenya, Mauritius, Mozambique, Seychelles, South Africa, Tanzania, Uganda, and Zambia. We also have representative offices in China, Namibia, Nigeria and the United States, as well as securities entities in the United Kingdom and the United States, along with technology support colleagues in the Czech Republic.

Aegon

cb aegon.com

People are living longer, and we are excited about the possibilities this brings. We see longevity, aging, and changing life patterns as an opportunity for our customers, our employees, and society as a whole. And we want to support everyone in building the financial means to explore the possibilities and challenges of a long and varied life. As an international financial services group, we unite a diverse range of businesses that, together, help millions of people around the world live their best lives by offering a broad mix of investment, protection, and retirement solutions. We create long-term value for our shareholders and other stakeholders through fully owned businesses, partnerships, and strategic shareholdings. Our portfolio includes fully owned subsidiaries in the US and UK, and a global asset management business; as well as partnerships in Brazil, China, France, Spain and Portugal. In the Netherlands, we generate value through our strategic shareholding in a market-leading insurance and pensions company.

Morgan Stanley

morganstanley.com

Morgan Stanley (NYSE: MS) is a leading global financial services firm providing a wide range of investment banking, securities, wealth management and investment management services. With offices in 42 countries, our firm's employees serve clients worldwide including corporations, governments, institutions and individuals. We are committed to maintaining the first-class service and high standard of excellence that have always defined the firm and everything we do is guided by our five core values: Do the right thing, put clients first, lead with exceptional ideas, commit to diversity and inclusion, and give back. All interactions on/with this account are subject to the Social Media Important Information https://www.morganstanley.com/disclosures/social-media-important-information which includes Morgan Stanley’s Privacy Pledge and relevant disclaimers/disclosures. By interacting with this account, you consent to the retention and monitoring of your interactions.

Loading…

NEWS

Wells Fargo CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

May 05, 2026 10:13 PM

What's Going On With CrowdStrike Stock On Tuesday?

Shares of CrowdStrike Holdings, Inc.(NASDAQ:CRWD) are trading higher on Tuesday. The company expanded its Project QuiltWorks initiative.

Read Article

May 01, 2026 05:50 PM

Wells Fargo Customer Gets TransUnion Class Certified

A Wells Fargo customer whose TransUnion LLC credit report kept showing a purportedly fraudulent transaction can now represent nearly 281000...

Read Article

May 01, 2026 07:00 AM

Best Wells Fargo credit cards of May 2026

Wells Fargo has introduced transferable travel rewards, which can boost the value of many of its cards.

Read Article

April 29, 2026 01:00 PM

Spotlight On: Elia Marenco, Commercial Banking Leader, Wells Fargo

Elia Marenco of Wells Fargo on middle market banking trends and growth in Greater Orlando.

Read Article

April 24, 2026 03:26 PM

The Great Wealth Transfer may be good for advisors, but brings other risks: Wells Fargo

If there's a cybercriminal out there that's targeting you, you want to make them work hard for the information,” said Lorne Maltenfort of...

Read Article

April 20, 2026 07:00 AM

Q1 Earnings Highlights: Wells Fargo (NYSE:WFC) Vs The Rest Of The Diversified Banks Stocks

Let's dig into the relative performance of Wells Fargo (NYSE:WFC) and its peers as we unravel the now-completed Q1 diversified banks...

Read Article

April 13, 2026 07:00 AM

AI-boosted hacks with Anthropic’s Mythos could have dire consequences for banks

Anthropic's Mythos, a new AI model the company and cybersecurity experts warn could supercharge complex cyberattacks, poses significant...

Read Article

April 10, 2026 07:00 AM

Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks

Anthropic rolled out the new Mythos AI model to a select group of companies over concerns that hackers could exploit its capabilities.

Read Article

April 07, 2026 07:00 AM

PNC Bank, US Bank, Wells Fargo Sued Over Online Data Tracking

PNC Bank National Association, US Bank National Association, and Wells Fargo & Co. were hit with separate proposed class actions alleging...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…