Western Union
Company Details
Linkedin ID:
western-union
Website:
Employees number:
14,366
Number of followers:
338,662
NAICS:
52
Industry Type:
Homepage:
www.westernunion.com
IP Addresses:
20
Company ID:
WES_6106902
Scan Status:
Completed
Western Union Company CyberSecurity Posture
www.westernunion.com
Many know us as the most trusted way to send money to friends and family overseas and across borders, but we're much more than that. Our talented teams around the world are building new ways to send, save and spend money. Wherever you are in the world, in whatever currency you choose, we're evolving our services to meet the demands of tomorrow. We're here for what's next. When our teams make more financial services accessible to people everywhere, we help more people prosper, transforming lives and communities.
Western Union A.I CyberSecurity Scoring
Western Union Risk Score (AI oriented)Between 700 and 749
Western Union
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Western Union Global Score (TPRM)XXXX
Western Union
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Western Union Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Western Union Financial Services, Inc.
Breach
Rankiteo Explanation
Attack without any consequences
Description: The California Office of the Attorney General reported that Western Union Financial Services, Inc. experienced a data breach on December 24, 2020, due to a compromised file transfer service provided by its vendor, Accellion. The breach was reported on March 17, 2021, but the number of affected individuals and specific types of information compromised remain unknown.
Western Union
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Some Western Union consumers started receiving a letter from the company last month It informed them of a data breach that had occurred at a data storage company used by Western Union. This breach led to exposure of Western Union customer records.
Western Union Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Western Union
Incidents vs Financial Services Industry Average (This Year)
No incidents recorded for Western Union in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Western Union in 2025.
Incident Types Western Union vs Financial Services Industry Avg (This Year)
No incidents recorded for Western Union in 2025.
Incident History — Western Union (X = Date, Y = Severity)
Western Union cyber incidents detection timeline including parent company and subsidiaries
Western Union Company Subsidiaries
Many know us as the most trusted way to send money to friends and family overseas and across borders, but we're much more than that. Our talented teams around the world are building new ways to send, save and spend money. Wherever you are in the world, in whatever currency you choose, we're evolving our services to meet the demands of tomorrow. We're here for what's next. When our teams make more financial services accessible to people everywhere, we help more people prosper, transforming lives and communities.
Loading...
Western Union Similar Companies
Barclays
Barclays is a British universal bank. Our vision is to be the UK-centred leader in global finance. We are a diversified bank with comprehensive UK consumer, corporate and wealth and private banking franchises, a leading investment bank and a strong, specialist US consumer bank. Through these five di
Swedbank
Since 1820 Swedbank has been the bank for the many households and businesses. We are a modern financial services platform focused on customer satisfaction. Our goal is to encourage people to save for a better future and we aim to help people, businesses and society to grow by promoting a healthy and
BlackRock is a global asset manager and technology provider dedicated to helping more and more people experience financial well-being. We help millions of people invest to build savings that serve them throughout their lives. We always start with our clients’ needs and look to offer them more qua
First American Financial Corporation is a premier provider of title, settlement and risk solutions for real estate transactions. With its combination of financial strength and stability built over more than 130 years, innovative proprietary technologies, and unmatched data assets, the company is lea
Old Mutual South Africa
Old Mutual Limited is a premium pan-African financial services group that offers a broad spectrum of financial solutions to retail and corporate customers across key markets in 14 countries. We have been helping our customers achieve their lifetime financial goals for over 170 years by investing the
SM Investments
SM Investments Corporation is a leading Philippine company that is invested in market-leading businesses in retail, banking, and property. It also invests in ventures that capture high growth opportunities in the emerging Philippine economy. SM’s retail operations are the country’s largest and most
Merrill Lynch
Founded in 1914, Merrill is one of the largest wealth management businesses in the world. Merrill financial advisors combine financial knowledge and experience with a deep understanding of their clients’ needs to help their clients pursue the lives they want. With a deep commitment to placing their
Ameriprise Financial Services, LLC
At Ameriprise Financial, we have been helping people feel more confident about their financial future for 130 years. With extensive investment advice, asset management and insurance capabilities and a nationwide network of approximately 10,000 financial advisors*, we have the strength and expertise
LOLC Holdings PLC
A formidable global conglomerate, LOLC Holdings has strategically diversified into key economic growth sectors across financial services, leisure, agriculture and plantations, construction and real estate, manufacturing and trading, technology, research and innovation and strategic investments. The
.png)
Western Union CyberSecurity News
November 13, 2025 09:40 AM
Western Union covers forex shortages in a complex market
Mohamed Touhami el Ouazzani's mandate as the Regional Vice-President, Head of Africa, at Western Union was to expand digital money transfer,...
November 06, 2025 01:02 PM
Western Union (NYSE: WU) outlines ‘Beyond’ strategy with 20% revenue growth target by 2028
2028 outlook: revenue $4.8–$5.3B, adjusted EPS $2.15–$2.45. 'Beyond' plan centers on digital-first growth, Digital Asset Network and USDPT.
November 01, 2025 07:00 AM
US-based Honduran architect held for attempted robbery at Western Union outlet in Hyderabad
Hyderabad: A 32-year-old Honduran architect working in Texas was arrested on Saturday evening from his in-laws' house in Kapra for...
October 27, 2025 07:00 AM
Western Union Plans Stablecoin Transfers as Crypto Adoption Skyrockets: Why $BEST Is Worth Watching
Western Union is piloting stablecoin-based settlements. As blockchain rails expand, projects like Best Wallet Token ($BEST) are set to...
October 24, 2025 07:00 AM
Western Union Stock Edges Up on Q3 Beat – CEO Calls Crypto an “Opportunity”
Stock snapshot: Western Union (NYSE: WU) was trading around $8.15 on Oct. 23, 2025, up roughly 0.4% in after-hours trading following its Q3...
October 24, 2025 04:31 AM
Why Did Western Union Stock Rise Over 4% After-Hours?
Western Union's consumer services segment revenue grew 49% compared to the prior year period, driven by the expansion of its Travel Money business.
October 08, 2025 07:00 AM
Cybersecurity event comes to Springfield’s Union Station on Thursday
SPRINGFIELD — With October marked as Cybersecurity Awareness Month, the Richard E. Neal Cybersecurity Center of Excellence at Union Station...
October 03, 2025 07:00 AM
Western Countries In Cyber ‘Arms Race,’ Ex-UK Cyber Chief Warns
"There's a very active war going on in the cyber space," former GCHQ chief Robert Hannigan told Newsweek.
September 24, 2025 07:00 AM
How Western Union Built Scalable Zero Trust with Illumio Segmentation
When you're helping people move money across 200 countries and territories every day, cybersecurity is a business imperative. At Western...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Western Union CyberSecurity History Information
Official Website of Western Union
The official website of Western Union is www.westernunion.com.
Western Union’s AI-Generated Cybersecurity Score
According to Rankiteo, Western Union’s AI-generated cybersecurity score is 733, reflecting their Moderate security posture.
How many security badges does Western Union’ have ?
According to Rankiteo, Western Union currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Western Union have SOC 2 Type 1 certification ?
According to Rankiteo, Western Union is not certified under SOC 2 Type 1.
Does Western Union have SOC 2 Type 2 certification ?
According to Rankiteo, Western Union does not hold a SOC 2 Type 2 certification.
Does Western Union comply with GDPR ?
According to Rankiteo, Western Union is not listed as GDPR compliant.
Does Western Union have PCI DSS certification ?
According to Rankiteo, Western Union does not currently maintain PCI DSS compliance.
Does Western Union comply with HIPAA ?
According to Rankiteo, Western Union is not compliant with HIPAA regulations.
Does Western Union have ISO 27001 certification ?
According to Rankiteo,Western Union is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Western Union
Western Union operates primarily in the Financial Services industry.
Number of Employees at Western Union
Western Union employs approximately 14,366 people worldwide.
Subsidiaries Owned by Western Union
Western Union presently has no subsidiaries across any sectors.
Western Union’s LinkedIn Followers
Western Union’s official LinkedIn profile has approximately 338,662 followers.
NAICS Classification of Western Union
Western Union is classified under the NAICS code 52, which corresponds to Finance and Insurance.
Western Union’s Presence on Crunchbase
No, Western Union does not have a profile on Crunchbase.
Western Union’s Presence on LinkedIn
Yes, Western Union maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/western-union.
Cybersecurity Incidents Involving Western Union
As of November 27, 2025, Rankiteo reports that Western Union has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
Western Union has an estimated 29,540 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Western Union ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Western Union detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with letters to affected customers..
Incident Details
Can you provide details on each incident ?
Title: Western Union Data Breach
Description: Some Western Union consumers started receiving a letter from the company last month. It informed them of a data breach that had occurred at a data storage company used by Western Union. This breach led to exposure of Western Union customer records.
Type: Data Breach
Title: Western Union Data Breach
Description: The California Office of the Attorney General reported that Western Union Financial Services, Inc. experienced a data breach on December 24, 2020, due to a compromised file transfer service provided by its vendor, Accellion. The breach was reported on March 17, 2021, but the number of affected individuals and specific types of information compromised remain unknown.
Date Detected: 2020-12-24
Date Publicly Disclosed: 2021-03-17
Type: Data Breach
Attack Vector: Compromised File Transfer Service
Vulnerability Exploited: Vendor Service (Accellion)
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach WES10197622
Data Compromised: Customer records
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customer Records and .
Which entities were affected by each incident ?
Incident : Data Breach WES10197622
Entity Name: Western Union
Entity Type: Company
Industry: Financial Services
Incident : Data Breach WES838072925
Entity Name: Western Union Financial Services, Inc.
Entity Type: Company
Industry: Financial Services
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach WES10197622
Communication Strategy: Letters to affected customers
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach WES10197622
Type of Data Compromised: Customer records
References
Where can I find more information about each incident ?
Incident : Data Breach WES838072925
Source: California Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney General.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Letters To Affected Customers.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach WES10197622
Customer Advisories: Letters to affected customers
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Letters To Affected Customers and .
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2020-12-24.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2021-03-17.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Customer Records and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Customer Records.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued was an Letters to affected customers.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential Leak by App Logic that leads to the unauthorized disclosure of the Cross-Site Request Forgery (XSRF) token to an attacker-controlled domain. Angular's HttpClient has a built-in XSRF protection mechanism that works by checking if a request URL starts with a protocol (http:// or https://) to determine if it is cross-origin. If the URL starts with protocol-relative URL (//), it is incorrectly treated as a same-origin request, and the XSRF token is automatically added to the X-XSRF-TOKEN header. This issue has been patched in versions 19.2.16, 20.3.14, and 21.0.1. A workaround for this issue involves avoiding using protocol-relative URLs (URLs starting with //) in HttpClient requests. All backend communication URLs should be hardcoded as relative paths (starting with a single /) or fully qualified, trusted absolute URLs.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
- https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
- https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
- https://github.com/angular/angular/releases/tag/19.2.16
- https://github.com/angular/angular/releases/tag/20.3.14
- https://github.com/angular/angular/releases/tag/21.0.1
- https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Integer Overflow vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft ASN.1 structures containing OIDs with oversized arcs. These arcs may be decoded as smaller, trusted OIDs due to 32-bit bitwise truncation, enabling the bypass of downstream OID-based security decisions. This issue has been patched in version 1.3.2.
Risk Information
cvss4
Base: 6.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. In versions from 8.0.0 to before 8.0.2, a NULL dereference can occur when the entropy keyword is used in conjunction with base64_data. This issue has been patched in version 8.0.2. A workaround involves disabling rules that use entropy in conjunction with base64_data.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=western-union' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
