ISO 27001 Certificate
SOC 1 Type I Certificate
SOC 2 Type II Certificate
PCI DSS
HIPAA
RGPD
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions

ABB Company CyberSecurity Posture

abb.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

ABB is a technology leader in electrification and automation, enabling a more sustainable and resource-efficient future. The company’s solutions connect engineering know-how and software to optimize how things are manufactured, moved, powered and operated. Building on over 140 years of excellence, ABB’s more than 110,000 employees are committed to driving innovations that accelerate industrial transformation. www.abb.com Privacy notice & house rules: https://social.abb/social-media-information Before applying for a job at ABB, please read our Fraud Warning: https://careers.abb/global/en/fraud-warning

ABB A.I CyberSecurity Scoring

ABB

Company Details

Linkedin ID:

abb

Website:

https://social.abb/website

Employees number:

112,125

Number of followers:

3,964,929

NAICS:

33325

Industry Type:

Automation Machinery Manufacturing

Homepage:

abb.com

IP Addresses:

109

Company ID:

ABB_3110492

Scan Status:

Completed

AI scoreABB Risk Score (AI oriented)

Between 800 and 849

https://images.rankiteo.com/companyimages/abb.jpeg
ABB Automation Machinery Manufacturing
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreABB Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/abb.jpeg
ABB Automation Machinery Manufacturing
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

ABB Company CyberSecurity News & History

Past Incidents
2
Attack Types
1
EntityTypeSeverityImpactSeenBlog DetailsIncident DetailsView
ABB, Inc.Breach8548/2017
ABB225090125
Rankiteo Explanation :
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General disclosed that **ABB, Inc.** suffered a data breach on **August 25, 2017**, stemming from suspicious login activity in an employee’s email account. The incident exposed sensitive personal information, including **names, addresses, Social Security numbers, and medical records** of an unspecified number of individuals. While the exact scale of the breach remains undisclosed, the compromised data suggests a significant risk of identity theft or fraud. In response, ABB offered **one year of identity monitoring services** to affected parties, indicating an effort to mitigate potential harm. The breach highlights vulnerabilities in employee account security, raising concerns about unauthorized access to highly confidential data. The exposure of medical records further escalates the severity, as such information is often targeted for exploitation in cybercrime schemes.

ABBBreach100505/2023
ABB02812623
Rankiteo Explanation :
Attack threatening the organization’s existence

Description: The world's largest provider of automation and electrification technology, ABB of Switzerland, acknowledged a data breach following a ransomware attack that purportedly affected its business operations. The company's Windows Active Directory was compromised by the attack, infecting hundreds of devices, according to BleepingComputer, which broke the news of the incident first. According to BleepingComputer, the Black Basta ransomware organisation was responsible for the attack, which also caused some projects to be postponed and affected some of the corporate factories. The company claimed via a news release that threat actors gained unauthorised access to several ABB systems, installed ransomware, and stole some data.

ABB, Inc.
Breach
Severity: 85
Impact: 4
Seen: 8/2017
Blog:
ABB225090125
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General disclosed that **ABB, Inc.** suffered a data breach on **August 25, 2017**, stemming from suspicious login activity in an employee’s email account. The incident exposed sensitive personal information, including **names, addresses, Social Security numbers, and medical records** of an unspecified number of individuals. While the exact scale of the breach remains undisclosed, the compromised data suggests a significant risk of identity theft or fraud. In response, ABB offered **one year of identity monitoring services** to affected parties, indicating an effort to mitigate potential harm. The breach highlights vulnerabilities in employee account security, raising concerns about unauthorized access to highly confidential data. The exposure of medical records further escalates the severity, as such information is often targeted for exploitation in cybercrime schemes.

ABB
Breach
Severity: 100
Impact: 5
Seen: 05/2023
Blog:
ABB02812623
Rankiteo Explanation
Attack threatening the organization’s existence

Description: The world's largest provider of automation and electrification technology, ABB of Switzerland, acknowledged a data breach following a ransomware attack that purportedly affected its business operations. The company's Windows Active Directory was compromised by the attack, infecting hundreds of devices, according to BleepingComputer, which broke the news of the incident first. According to BleepingComputer, the Black Basta ransomware organisation was responsible for the attack, which also caused some projects to be postponed and affected some of the corporate factories. The company claimed via a news release that threat actors gained unauthorised access to several ABB systems, installed ransomware, and stole some data.

Ailogo

ABB Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

🔒
Incident Predictions locked
Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

🔒
A.I. Risk Score Predictions locked
Access Monitoring Plan
statics

Underwriter Stats for ABB

Incidents vs Automation Machinery Manufacturing Industry Average (This Year)

No incidents recorded for ABB in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for ABB in 2025.

Incident Types ABB vs Automation Machinery Manufacturing Industry Avg (This Year)

No incidents recorded for ABB in 2025.

Incident History — ABB (X = Date, Y = Severity)

ABB cyber incidents detection timeline including parent company and subsidiaries

ABB Company Subsidiaries

SubsidiaryImage

ABB is a technology leader in electrification and automation, enabling a more sustainable and resource-efficient future. The company’s solutions connect engineering know-how and software to optimize how things are manufactured, moved, powered and operated. Building on over 140 years of excellence, ABB’s more than 110,000 employees are committed to driving innovations that accelerate industrial transformation. www.abb.com Privacy notice & house rules: https://social.abb/social-media-information Before applying for a job at ABB, please read our Fraud Warning: https://careers.abb/global/en/fraud-warning

similarCompanies

ABB Similar Companies

Emerson
emerson.com

Emerson is a leading global technology, software, and engineering company providing innovative solutions for customers in industrial and commercial markets. We help customers in the world’s most essential industries solve the biggest challenges of modern life. Every day, our global workforce fulfil

Security Report Compare

KUKA SE & Co. KGaA is a global leader in intelligent automation solutions, generating around 3.7 billion euro in sales and employing approximately 15,000 people worldwide. Headquartered in Augsburg, Germany, KUKA’s mission is to make automation accessible for everyone - simple, intuitive and sustain

Security Report Compare
PT Astra International Tbk
astra.co.id

Astra was established in 1957 as a trading company. Over the course of its development, Astra has formed a number of strategic alliances with leading global players. Since 1990, the Company has been listed on the Indonesia Stock Exchange. Astra currently engages in seven business lines: Autom

Security Report Compare
Siemens
siemens.com

Siemens AG (Berlin and Munich) is a leading technology company focused on industry, infrastructure, mobility, and healthcare. The company’s purpose is to create technology to transform the everyday, for everyone. By combining the real and the digital worlds, Siemens empowers customers to accelerate

Security Report Compare
Schneider Electric
se.com

Schneider Electric is a global energy technology leader, driving efficiency and sustainability by electrifying, automating, and digitalizing industries, businesses, and homes. Its technologies enable buildings, data centers, factories, infrastructure, and grids to operate as open, interconnected e

Security Report Compare
newsone

ABB CyberSecurity News

November 25, 2025 01:31 PM
ABB India and Deloitte India join forces to accelerate digital transformation for Indian manufacturing enterprises

ABB India and Deloitte partner to accelerate AI-driven, secure digital transformation for Indian enterprises.

Read Article
November 25, 2025 12:07 PM
ABB India and Deloitte India form strategic alliance

The alliance combines ABB India's automation and digital solutions with Deloitte India's transformation and cybersecurity expertise.

Read Article
November 25, 2025 11:04 AM
ABB India, Deloitte India form alliance to accelerate AI-driven digital transformation in manufacturing

AI-driven Digital Transformation In Manufacturing: Partnership combines ABB's industrial automation platforms with Deloitte's transformation...

Read Article
November 25, 2025 08:59 AM
ABB and Deloitte Forge AI Partnership for a Smarter Future

ABB India and Deloitte India team up to provide AI-enabled digital solutions to enterprises, aiming to accelerate digital transformation and...

Read Article
November 14, 2025 08:00 AM
Advanced Cybersecurity Built Into the GCP100 Gas Chromatograph

From natural gas operations to oil refineries and petrochemical plants, gas chromatographs (GCs) play a crucial role across the hydrocarbon...

Read Article
November 12, 2025 08:00 AM
ABB unveils GCP100, the first gas chromatograph with built-in cybersecurity and real-time analysis

ABB has launched the GCP100 gas chromatograph, setting a new standard in cybersecurity and real-time analysis of complex gas mixtures in the...

Read Article
November 11, 2025 10:43 AM
ABB Introduces GCP100 Gas Chromatograph with Built-in Cybersecurity

ABB has unveiled the GCP100, the first gas chromatograph of its kind to integrate advanced cybersecurity features and built-in Wi-Fi...

Read Article
November 11, 2025 08:00 AM
ABB adds ethernet-APL connectivity to electromagnetic flowmeters for hazardous areas

ProcessMaster, ABB's next generation electromagnetic flowmeters, now allow for high-speed transmission of field data in hazardous...

Read Article
November 11, 2025 08:00 AM
ABB launches GCP100 gas chromatograph with advanced cybersecurity

ABB has launched the GCP100 gas chromatograph, setting a new benchmark for cybersecurity in gas analysis. It enables real-time analysis of...

Read Article
faq

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

ABB CyberSecurity History Information

Official Website of ABB

The official website of ABB is https://social.abb/website.

ABB’s AI-Generated Cybersecurity Score

According to Rankiteo, ABB’s AI-generated cybersecurity score is 806, reflecting their Good security posture.

How many security badges does ABB’ have ?

According to Rankiteo, ABB currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does ABB have SOC 2 Type 1 certification ?

According to Rankiteo, ABB is not certified under SOC 2 Type 1.

Does ABB have SOC 2 Type 2 certification ?

According to Rankiteo, ABB does not hold a SOC 2 Type 2 certification.

Does ABB comply with GDPR ?

According to Rankiteo, ABB is not listed as GDPR compliant.

Does ABB have PCI DSS certification ?

According to Rankiteo, ABB does not currently maintain PCI DSS compliance.

Does ABB comply with HIPAA ?

According to Rankiteo, ABB is not compliant with HIPAA regulations.

Does ABB have ISO 27001 certification ?

According to Rankiteo,ABB is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of ABB

ABB operates primarily in the Automation Machinery Manufacturing industry.

Number of Employees at ABB

ABB employs approximately 112,125 people worldwide.

Subsidiaries Owned by ABB

ABB presently has no subsidiaries across any sectors.

ABB’s LinkedIn Followers

ABB’s official LinkedIn profile has approximately 3,964,929 followers.

NAICS Classification of ABB

ABB is classified under the NAICS code 33325, which corresponds to Others.

ABB’s Presence on Crunchbase

No, ABB does not have a profile on Crunchbase.

ABB’s Presence on LinkedIn

Yes, ABB maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/abb.

Cybersecurity Incidents Involving ABB

As of December 11, 2025, Rankiteo reports that ABB has experienced 2 cybersecurity incidents.

Number of Peer and Competitor Companies

ABB has an estimated 3,233 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at ABB ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

How does ABB detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with news release, and remediation measures with offered one year of identity monitoring services to affected individuals..

Incident Details

Can you provide details on each incident ?

Incident : Data Breach and Ransomware Attack

measurementExposure impactImpact

Title: ABB Data Breach and Ransomware Attack

Description: ABB of Switzerland acknowledged a data breach following a ransomware attack that affected its business operations. The company's Windows Active Directory was compromised, infecting hundreds of devices. The Black Basta ransomware organization was responsible for the attack, which also caused some projects to be postponed and affected some of the corporate factories. Threat actors gained unauthorized access to several ABB systems, installed ransomware, and stole some data.

Type: Data Breach and Ransomware Attack

Attack Vector: Windows Active Directory

Threat Actor: Black Basta ransomware organization

Motivation: Data theft and ransom

Incident : Data Breach

measurementExposure impactImpact

Title: ABB, Inc. Data Breach via Suspicious Email Login Activity

Description: The California Office of the Attorney General reported that ABB, Inc. experienced a data breach involving suspicious login activity to an employee's email account on August 25, 2017. The breach potentially exposed personal information including names, addresses, Social Security numbers, and medical records, affecting an unspecified number of individuals. ABB is offering one year of identity monitoring services as a response to the incident.

Date Detected: 2017-08-25

Type: Data Breach

Attack Vector: Compromised Email Account (Suspicious Login Activity)

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common types of attacks the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Windows Active Directory and Compromised employee email account.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach and Ransomware Attack ABB02812623

Data Compromised: Some data stolen

Systems Affected: Windows Active Directoryhundreds of devices

Downtime: Some projects postponed

Operational Impact: Affected some corporate factories

Incident : Data Breach ABB225090125

Data Compromised: Names, Addresses, Social security numbers, Medical records

Systems Affected: Employee Email Account

Identity Theft Risk: High (PII and medical records exposed)

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personally Identifiable Information (Pii), Protected Health Information (Phi) and .

Which entities were affected by each incident ?

Incident : Data Breach and Ransomware Attack ABB02812623

Entity Name: ABB

Entity Type: Company

Industry: Automation and Electrification Technology

Location: Switzerland

Incident : Data Breach ABB225090125

Entity Name: ABB, Inc.

Entity Type: Corporation

Industry: Engineering, Technology, and Automation

Location: California, USA (HQ: Switzerland)

Customers Affected: Unspecified

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Breach and Ransomware Attack ABB02812623

Communication Strategy: News release

Incident : Data Breach ABB225090125

Remediation Measures: Offered one year of identity monitoring services to affected individuals

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach and Ransomware Attack ABB02812623

Data Exfiltration: Some data stolen

Incident : Data Breach ABB225090125

Type of Data Compromised: Personally identifiable information (pii), Protected health information (phi)

Number of Records Exposed: Unspecified

Sensitivity of Data: High

Personally Identifiable Information: NamesAddressesSocial Security NumbersMedical Records

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Offered one year of identity monitoring services to affected individuals, .

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Data Breach and Ransomware Attack ABB02812623

Ransomware Strain: Black Basta

Data Encryption: Ransomware installed

Data Exfiltration: Some data stolen

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Breach ABB225090125

Regulatory Notifications: Reported to the California Office of the Attorney General

References

Where can I find more information about each incident ?

Incident : Data Breach and Ransomware Attack ABB02812623

Source: BleepingComputer

Incident : Data Breach ABB225090125

Source: California Office of the Attorney General

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputer, and Source: California Office of the Attorney General.

Investigation Status

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through News release.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Data Breach ABB225090125

Customer Advisories: One year of identity monitoring services offered to affected individuals

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were One Year Of Identity Monitoring Services Offered To Affected Individuals and .

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach and Ransomware Attack ABB02812623

Entry Point: Windows Active Directory

Incident : Data Breach ABB225090125

Entry Point: Compromised employee email account

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was an Black Basta ransomware organization.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2017-08-25.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Some data stolen, Names, Addresses, Social Security Numbers, Medical Records and .

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant system affected in an incident was Windows Active Directoryhundreds of devices and Employee Email Account.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Some data stolen, Names, Social Security Numbers, Addresses and Medical Records.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 0.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident are BleepingComputer and California Office of the Attorney General.

Stakeholder and Customer Advisories

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was an One year of identity monitoring services offered to affected individuals.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry point used by an initial access broker were an Compromised employee email account and Windows Active Directory.

cve

Latest Global CVEs (Not Company-Specific)

Description

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
References
Description

Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
References
Description

Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
References
Description

The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.

Published
Date
2025-12-10
Updated
Date
2025-12-10
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
References

Access Data Using Our API

SubsidiaryImage

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=abb' -H 'apikey: YOUR_API_KEY_HERE'
Try It API Documentation rapidRapid

What Do We Measure ?

revertimgrevertimgrevertimgrevertimg
Incident
revertimgrevertimgrevertimgrevertimg
Finding
revertimgrevertimgrevertimgrevertimg
Grade
revertimgrevertimgrevertimgrevertimg
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Top LeftTop RightBottom LeftBottom Right
Rankiteo
By Rankiteo
View on G2.com
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
View latest reports → View all security reports →
Users Love Us Badge