WHO
Company Details
Linkedin ID:
world-health-organization
Website:
Employees number:
30,615
Number of followers:
6,094,439
NAICS:
92812
Industry Type:
Homepage:
who.int
IP Addresses:
0
Company ID:
WOR_7701737
Scan Status:
In-progress
World Health Organization Company CyberSecurity Posture
who.int
The World Health Organization's mission: to promote health, keep the world safe, and serve the vulnerable. Working through offices in more than 150 countries, WHO staff work side by side with governments and other partners to ensure the highest attainable level of health for all people. Stay connected with WHO: Facebook https://www.facebook.com/WHO Twitter http://www.twitter.com/who Instagram: @who Google+ https://www.google.com/+who YouTube http://www.youtube.com/who
World Health Organization A.I CyberSecurity Scoring
WHO Risk Score (AI oriented)Between 800 and 849
WHO
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
WHO Global Score (TPRM)XXXX
WHO
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
WHO Company CyberSecurity News & History
Past Incidents
2
Attack Types
2
World Health Organization
Cyber Attack
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The login credentials of some staff members of the World Health Organization were accessed by hackers in March 2020. The compromised passwords contained access to a lot of sensitive information about the pandemic. The attack was the result of a successful phishing attempt that forced the organization to switch the infrastructure as a future precautionary step.
Healthcare organization
Ransomware
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The Ryuk ransomware gang, active between 2018 and mid-2020, targeted organizations across various sectors, including healthcare during the Covid pandemic. The gang was responsible for numerous attacks, causing significant disruptions and financial losses. The recent extradition of a 33-year-old member of the Ryuk operation to the United States highlights the continued efforts to bring cybercriminals to justice. The gang's rebranding to Conti and subsequent splintering into smaller groups underscores the evolving threat landscape.
WHO Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for WHO
Incidents vs International Affairs Industry Average (This Year)
No incidents recorded for World Health Organization in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for World Health Organization in 2025.
Incident Types WHO vs International Affairs Industry Avg (This Year)
No incidents recorded for World Health Organization in 2025.
Incident History — WHO (X = Date, Y = Severity)
WHO cyber incidents detection timeline including parent company and subsidiaries
WHO Company Subsidiaries
The World Health Organization's mission: to promote health, keep the world safe, and serve the vulnerable. Working through offices in more than 150 countries, WHO staff work side by side with governments and other partners to ensure the highest attainable level of health for all people. Stay connected with WHO: Facebook https://www.facebook.com/WHO Twitter http://www.twitter.com/who Instagram: @who Google+ https://www.google.com/+who YouTube http://www.youtube.com/who
Loading...
WHO Similar Companies
United Nations
Founded at the end of the Second World War, the United Nations is an international organization made up of 193 Member States committed to maintaining international peace and security. Every day the UN works to tackle global challenges and deliver results for those most in need. Giving life-sav
UNDP
The United Nations Development Programme works in nearly 170 countries and territories, helping to achieve the eradication of poverty, and the reduction of inequalities and exclusion. We help countries to develop policies, leadership skills, partnering abilities, institutional capabilities and build
Established in 1951, the International Organization for Migration is the leading intergovernmental organization in the field of migration and is committed to the principle that humane and orderly migration benefits migrants and society. IOM works with its partners in the international community to
Bluesky Agency
THE RIGHT WAY TO ITALY. Italian Agency based in Venice-Italy performing general affairs by Public and Private Boards seeks international Partners to develop SMART TOURISM NETWORK. Multilingual staff. Contact us as above
UNHCR, the UN Refugee Agency
UNHCR, the UN Refugee Agency, is a global organisation dedicated to saving lives, protecting rights and building a better future for people forced to flee their homes because of conflict and persecution. We lead international action to protect refugees, forcibly displaced communities and stateless
U.S. Department of State
The U.S. Department of State is focused on accomplishing America's mission of diplomacy at home and around the world. The U.S. Department of State manages America’s relationships with foreign governments, international organizations, and the people of other countries. U.S. diplomats and Civil Servic
USAID is the lead U.S. Government agency that works to end extreme global poverty and enable resilient, democratic societies to realize their potential. U.S. foreign assistance has always had the twofold purpose of furthering America's interests while improving lives in the developing world. USAI
.png)
WHO CyberSecurity News
October 26, 2025 07:00 AM
Healthcare Data Breach Statistics
The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services (HHS)...
October 22, 2025 07:00 AM
Putting cybersecurity at the core of national security
Countries that integrate cybersecurity into their national security strategies and institutional governance will be best positioned to...
September 22, 2025 07:00 AM
Strengthening Health Sector Resilience: PAHO Hosts Cybersecurity Readiness Workshop in Trinidad and Tobago
Port-of-Spain, 18 September 2025 (PAHO): In a decisive step toward fortifying the digital defenses of the national health system,...
September 02, 2025 07:00 AM
PAHO/WHO and The Bahamas Ministry of Health and Wellness Hosts AI and Cybersecurity Workshop in The Bahamas
Sept. 2nd, 2025, Nassau, The Bahamas - The Pan American Health Organization/World Health Organization (PAHO/WHO), in collaboration with The...
July 21, 2025 07:00 AM
World Health Organization CISO on securing global health emergencies
During health emergencies, strong cybersecurity protects systems from rising cyber threats that exploit urgent situations.
July 21, 2025 07:00 AM
Physician cybersecurity
Viruses, malware and hackers pose a threat to patients and physician practices. Find resources to protect patient health records and other...
May 24, 2025 07:00 AM
Seventy-eighth World Health Assembly – Daily update: 24 May 2025
Member States today adopted a landmark resolution declaring rare diseases a global health priority in an effort to ensure that no patients are left behind.
May 20, 2025 07:00 AM
World Health Assembly adopts historic Pandemic Agreement to make the world more equitable and safer from future pandemics
Member States of the World Health Organization (WHO) today formally adopted by consensus the world's first Pandemic Agreement.
March 26, 2025 07:00 AM
WHO/Europe launches guide to strengthen cybersecurity in digital health
WHO/Europe has published a guide on cybersecurity and privacy risk assessments in digital health tailored to the WHO European Region.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
WHO CyberSecurity History Information
Official Website of World Health Organization
The official website of World Health Organization is http://www.who.int.
World Health Organization’s AI-Generated Cybersecurity Score
According to Rankiteo, World Health Organization’s AI-generated cybersecurity score is 806, reflecting their Good security posture.
How many security badges does World Health Organization’ have ?
According to Rankiteo, World Health Organization currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does World Health Organization have SOC 2 Type 1 certification ?
According to Rankiteo, World Health Organization is not certified under SOC 2 Type 1.
Does World Health Organization have SOC 2 Type 2 certification ?
According to Rankiteo, World Health Organization does not hold a SOC 2 Type 2 certification.
Does World Health Organization comply with GDPR ?
According to Rankiteo, World Health Organization is not listed as GDPR compliant.
Does World Health Organization have PCI DSS certification ?
According to Rankiteo, World Health Organization does not currently maintain PCI DSS compliance.
Does World Health Organization comply with HIPAA ?
According to Rankiteo, World Health Organization is not compliant with HIPAA regulations.
Does World Health Organization have ISO 27001 certification ?
According to Rankiteo,World Health Organization is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of World Health Organization
World Health Organization operates primarily in the International Affairs industry.
Number of Employees at World Health Organization
World Health Organization employs approximately 30,615 people worldwide.
Subsidiaries Owned by World Health Organization
World Health Organization presently has no subsidiaries across any sectors.
World Health Organization’s LinkedIn Followers
World Health Organization’s official LinkedIn profile has approximately 6,094,439 followers.
NAICS Classification of World Health Organization
World Health Organization is classified under the NAICS code 92812, which corresponds to International Affairs.
World Health Organization’s Presence on Crunchbase
No, World Health Organization does not have a profile on Crunchbase.
World Health Organization’s Presence on LinkedIn
Yes, World Health Organization maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/world-health-organization.
Cybersecurity Incidents Involving World Health Organization
As of December 21, 2025, Rankiteo reports that World Health Organization has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
World Health Organization has an estimated 987 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at World Health Organization ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Ransomware.
What was the total financial impact of these incidents on World Health Organization ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $150 million.
How does World Health Organization detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with switch the infrastructure, and .
Incident Details
Can you provide details on each incident ?
Title: World Health Organization Credential Breach
Description: The login credentials of some staff members of the World Health Organization were accessed by hackers in March 2020. The compromised passwords contained access to a lot of sensitive information about the pandemic. The attack was the result of a successful phishing attempt that forced the organization to switch the infrastructure as a future precautionary step.
Date Detected: March 2020
Type: Data Breach
Attack Vector: Phishing
Vulnerability Exploited: Human
Title: Extradition of Ryuk Ransomware Operator
Description: A member of the Ryuk ransomware operation, specializing in gaining initial access to corporate networks, has been extradited to the United States.
Date Publicly Disclosed: 2025-06-18
Type: Ransomware
Attack Vector: Initial Access
Threat Actor: Ryuk Ransomware Operation
Motivation: Financial GainData Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach WOR201411222
Data Compromised: Sensitive information about the pandemic
Incident : Ransomware WOR903061925
Financial Loss: $150 million
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $75.00 million.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Login credentials.
Which entities were affected by each incident ?
Incident : Data Breach WOR201411222
Entity Name: World Health Organization
Entity Type: Organization
Industry: Health
Incident : Ransomware WOR903061925
Location: FranceNorwayGermanythe NetherlandsCanadaUSA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach WOR201411222
Remediation Measures: Switch the infrastructure
Incident : Ransomware WOR903061925
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach WOR201411222
Type of Data Compromised: Login credentials
Sensitivity of Data: High
Incident : Ransomware WOR903061925
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Switch the infrastructure, .
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware WOR903061925
Ransom Paid: $150 million
Ransomware Strain: Ryuk
Data Encryption: True
Data Exfiltration: True
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware WOR903061925
References
Where can I find more information about each incident ?
Incident : Ransomware WOR903061925
Source: BleepingComputer
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputer.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware WOR903061925
Investigation Status: Ongoing
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach WOR201411222
Entry Point: Phishing email
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach WOR201411222
Root Causes: Phishing email
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Ryuk Ransomware Operation.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on March 2020.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-06-18.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $150 million.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Sensitive information about the pandemic.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Sensitive information about the pandemic.
Ransomware Information
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was $150 million.
Regulatory Compliance
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is BleepingComputer.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Phishing email.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege escalation vulnerability in the audit log export functionality. The client communicates user-controlled file paths to a privileged service, which performs file system operations without impersonating the requesting user. Due to improper privilege handling and a time-of-check time-of-use race condition combined with symbolic link and mount point manipulation, a local authenticated attacker can coerce the service into deleting arbitrary directories with SYSTEM privileges. This can be exploited to delete protected system folders such as C:\\Config.msi and subsequently achieve execution as NT AUTHORITY\\SYSTEM via MSI rollback techniques.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to unauthorized modification of data due to a missing capability check on the 'cs_update_application_status_callback' function in all versions up to, and including, 7.7. This makes it possible for authenticated attackers, with Candidate-level access and above, to inject cross-site scripting into the 'status' parameter of applied jobs for any user.
Risk Information
cvss3
Base: 7.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description
The WP JobHunt plugin for WordPress, used by the JobCareer theme, is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 7.7 via the 'cs_update_application_status_callback' due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Candidate-level access and above, to send a site-generated email with injected HTML to any user.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Description
The FiboSearch – Ajax Search for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `thegem_te_search` shortcode in all versions up to, and including, 1.32.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This vulnerability requires TheGem theme (premium) to be installed with Header Builder mode enabled, and the FiboSearch "Replace search bars" option enabled for TheGem integration.
Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L104
- https://plugins.trac.wordpress.org/browser/ajax-search-for-woocommerce/tags/1.32.0/partials/themes/thegem-elementor.php#L94
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3420841%40ajax-search-for-woocommerce%2Ftrunk&old=3398612%40ajax-search-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=#file136
- https://wordpress.org/plugins/ajax-search-for-woocommerce
- https://www.wordfence.com/threat-intel/vulnerabilities/id/8149103e-105d-401d-8a15-b07d131baaac?source=cve
Description
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.0 via the ajax_get_members function. This is due to the use of a predictable low-entropy token (5 hex characters derived from md5 of post ID) to identify member directories and insufficient authorization checks on the unauthenticated AJAX endpoint. This makes it possible for unauthenticated attackers to extract sensitive data including usernames, display names, user roles (including administrator accounts), profile URLs, and user IDs by enumerating predictable directory_id values or brute-forcing the small 16^5 token space.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
References
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/class-functions.php#L41
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-ajax-common.php#L61
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L205
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/includes/core/class-member-directory.php#L2795
- https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.10.6/templates/members.php#L26
- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3421362%40ultimate-member%2Ftrunk&old=3408617%40ultimate-member%2Ftrunk&sfp_email=&sfph_mail=
- https://www.wordfence.com/threat-intel/vulnerabilities/id/61337d2d-d15a-45f2-b730-fc034eb3cd31?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=world-health-organization' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
