BC
Company Details
Linkedin ID:
bank-of-china
Website:
Employees number:
22,584
Number of followers:
176,469
NAICS:
52211
Industry Type:
Homepage:
boc.cn
IP Addresses:
0
Company ID:
BAN_2827970
Scan Status:
In-progress
Bank of China Company CyberSecurity Posture
boc.cn
Bank of China, include BOC Hong Kong, BOC International, BOCG Insurance and other financial institutions, providing a comprehensive range of high-quality financial services to individual and corporate customers as well as financial institutions worldwide. Over the past century, Bank of China played an important role in China’s financial history. It was established in 1912 pursuant to the approval of DR. Sun Yat-sen. In the following 37 years the Bank served as the central bank, international exchange bank and specialized foreign trade bank successively. In 1949, Bank of China became the state-designated specialized foreign exchange bank. In 2003, it was named by the State Council as one of the pilot banks for joint-stock reform of wholly state-owned commercial banks. On August 26, 2004, Bank of China Limited was formally incorporated in Beijing as a state-controlled joint stock commercial bank. Bank of China is the most internationalized commercial bank in China. BOC London Branch, the first overseas branch of the Chinese banks, was established in 1929. Currently, it had over 10000 domestic operations and over 600 overseas operations. In 1994 and 1995, Bank of China became the note issuing bank in Hong Kong and Macao respectively. The Bank prepared a new strategic development plan which was approved by the Board of Directors in March 2009. Strategic Positioning: To be a large multinational banking group based on a diversified and integrated cross-border business platform, with a core business of commercial banking. Strategic Goals: To be a leading international bank delivering growth and excellence.
Bank of China A.I CyberSecurity Scoring
BC Risk Score (AI oriented)Between 800 and 849
BC
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
BC Global Score (TPRM)XXXX
BC
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
BC Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
BC Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for BC
Incidents vs Banking Industry Average (This Year)
No incidents recorded for Bank of China in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Bank of China in 2025.
Incident Types BC vs Banking Industry Avg (This Year)
No incidents recorded for Bank of China in 2025.
Incident History — BC (X = Date, Y = Severity)
BC cyber incidents detection timeline including parent company and subsidiaries
BC Company Subsidiaries
Bank of China, include BOC Hong Kong, BOC International, BOCG Insurance and other financial institutions, providing a comprehensive range of high-quality financial services to individual and corporate customers as well as financial institutions worldwide. Over the past century, Bank of China played an important role in China’s financial history. It was established in 1912 pursuant to the approval of DR. Sun Yat-sen. In the following 37 years the Bank served as the central bank, international exchange bank and specialized foreign trade bank successively. In 1949, Bank of China became the state-designated specialized foreign exchange bank. In 2003, it was named by the State Council as one of the pilot banks for joint-stock reform of wholly state-owned commercial banks. On August 26, 2004, Bank of China Limited was formally incorporated in Beijing as a state-controlled joint stock commercial bank. Bank of China is the most internationalized commercial bank in China. BOC London Branch, the first overseas branch of the Chinese banks, was established in 1929. Currently, it had over 10000 domestic operations and over 600 overseas operations. In 1994 and 1995, Bank of China became the note issuing bank in Hong Kong and Macao respectively. The Bank prepared a new strategic development plan which was approved by the Board of Directors in March 2009. Strategic Positioning: To be a large multinational banking group based on a diversified and integrated cross-border business platform, with a core business of commercial banking. Strategic Goals: To be a leading international bank delivering growth and excellence.
Loading...
BC Similar Companies
Maybank
Maybank Group is the leading financial services provider in Malaysia catering to the needs of consumers, investors, entrepreneurs, non-profit organisations and corporations. The Group, which has expanded internationally, has the largest network among Malaysian banks of over 2,400 branches and office
BNP Paribas
BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 64 countries, with more than 178,000 employees, including more than 144,000 in Europe. BNP Paribas holds leading positions in its three major operating divisions: ⚆ Commercial, Personal Banking & Services for
Crédit Mutuel
Un modèle mutualiste au service des clients et des salariés. Réseau bancaire mutualiste constitué de 2124 Caisses locales le Crédit Mutuel se compose de 18 fédérations régionales, couvrant tout le territoire français. Société de personnes et non de capitaux, le Crédit Mutuel n’est pas coté en Bou
DenizBank
In 1997, DenizBank was acquired by the Zorlu Holding in the form of a banking license from the Privatization Administration. Undergoing three shareholder changes and done public offering in its short history, the Bank was acquired in October 2006 by Dexia, one of the leading financial groups of Euro
Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 94,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clien
Kotak Mahindra Bank
About Kotak Mahindra Group: Established in 1985, the Kotak Mahindra Group is one of India’s leading financial services conglomerates. In February 2003, Kotak Mahindra Finance Ltd. (KMFL), the Group’s flagship company, received a banking license from the Reserve Bank of India (RBI). With this, KMF
ICICI Bank is one of India’s leading private sector banks, offering a wide range of banking products and services to corporate, Small and Medium Enterprises (SME) and individual customers across the country. The Bank offers multi-channel touch points including branches, ATMs, mobile banking, interne
Capitec
Imagine simple, affordable banking solutions that work for you – just like it does for over 25 million South Africans. They’re banking smart, paying less and getting more value every day with us. As the country’s leading digital bank, we’re proud to have been voted the Coolest Bank by the youth in
At U.S. Bank, we help millions of clients achieve their goals with a balance of best-in-class technology and human expertise tailored to individual needs. As the fifth-largest commercial bank in the United States, we’ve built a reputation for strength and stability across a diversified mix of busine
.png)
BC CyberSecurity News
November 24, 2025 04:34 PM
Hackers steal sensitive data from major banking industry vendor
Hackers steal sensitive data from major banking industry vendor. 2025-11-24 18:11. The incident highlights how supply-chain compromises threaten even...
November 10, 2025 08:00 AM
Data Breach at Chinese Cybersecurity Firm Reveals State-Backed Hacking Tools and Target Lists
Chinese data breach - On November 2, 2025, Knownsec, a prominent Chinese cybersecurity firm with established ties to the Chinese government.
October 15, 2025 07:00 AM
Breach at US-based cybersecurity provider F5 blamed on China, Bloomberg News reports
(Reuters) -A breach at U.S.-based cybersecurity company F5 has been blamed on state-backed hackers from China, Bloomberg News reported on...
September 22, 2025 07:00 AM
AI Watch: Global regulatory tracker - China
The Interim AI Measures is China's first specific, administrative regulation on the management of generative AI services.
September 21, 2025 07:00 AM
Myanmar delegates hold talks on digital banking and cybersecurity in China
Myanmar delegates hold talks on digital banking and cybersecurity in China ... Central Bank...
September 17, 2025 07:00 AM
China leaves policy rate unchanged after Fed rate reduction
China's central bank left a key interest rate unchanged on Thursday, as authorities appear in no rush to ease monetary settings despite the...
September 09, 2025 06:42 AM
Cybersecurity and Data Protection in Hong Kong: 2025
Hong Kong's cybersecurity and data protection is facing increased regulatory scrutiny and enhanced compliance requirements. The Privacy Commissioner for...
August 21, 2025 03:13 AM
The State of Cybersecurity in Africa: The Chinese Effect
In Africa, core services such as communications, electric grids, transport systems, health services, and smart cities, are increasingly dependent on cloud...
August 14, 2025 07:00 AM
New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
BC CyberSecurity History Information
Official Website of Bank of China
The official website of Bank of China is http://www.boc.cn.
Bank of China’s AI-Generated Cybersecurity Score
According to Rankiteo, Bank of China’s AI-generated cybersecurity score is 836, reflecting their Good security posture.
How many security badges does Bank of China’ have ?
According to Rankiteo, Bank of China currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Bank of China have SOC 2 Type 1 certification ?
According to Rankiteo, Bank of China is not certified under SOC 2 Type 1.
Does Bank of China have SOC 2 Type 2 certification ?
According to Rankiteo, Bank of China does not hold a SOC 2 Type 2 certification.
Does Bank of China comply with GDPR ?
According to Rankiteo, Bank of China is not listed as GDPR compliant.
Does Bank of China have PCI DSS certification ?
According to Rankiteo, Bank of China does not currently maintain PCI DSS compliance.
Does Bank of China comply with HIPAA ?
According to Rankiteo, Bank of China is not compliant with HIPAA regulations.
Does Bank of China have ISO 27001 certification ?
According to Rankiteo,Bank of China is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Bank of China
Bank of China operates primarily in the Banking industry.
Number of Employees at Bank of China
Bank of China employs approximately 22,584 people worldwide.
Subsidiaries Owned by Bank of China
Bank of China presently has no subsidiaries across any sectors.
Bank of China’s LinkedIn Followers
Bank of China’s official LinkedIn profile has approximately 176,469 followers.
NAICS Classification of Bank of China
Bank of China is classified under the NAICS code 52211, which corresponds to Commercial Banking.
Bank of China’s Presence on Crunchbase
Yes, Bank of China has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/bank-of-china.
Bank of China’s Presence on LinkedIn
Yes, Bank of China maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/bank-of-china.
Cybersecurity Incidents Involving Bank of China
As of December 11, 2025, Rankiteo reports that Bank of China has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Bank of China has an estimated 6,988 peer or competitor companies worldwide.
Bank of China CyberSecurity History Information
How many cyber incidents has Bank of China faced ?
Total Incidents: According to Rankiteo, Bank of China has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Bank of China ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=bank-of-china' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
