ExxonMobil
Company Details
Linkedin ID:
exxonmobil
Website:
Employees number:
61,842
Number of followers:
3,254,750
NAICS:
211
Industry Type:
Homepage:
exxonmobil.com
IP Addresses:
294
Company ID:
EXX_1090820
Scan Status:
Completed
ExxonMobil Company CyberSecurity Posture
exxonmobil.com
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions from our operated assets by 2050 (for Scope 1 and 2 greenhouse gas emissions) and are taking a comprehensive approach to create emission-reduction roadmaps for major operated assets. Find us also on: YouTube.com/ExxonMobil Find our latest Privacy Policy at https://corporate.exxonmobil.com/Global-legal-pages/privacy-policy See our terms and conditions at https://corporate.exxonmobil.com/global-legal-pages/terms-and-conditions Find resources on our GHG emission reduction efforts here: https://corporate.exxonmobil.com/resources
ExxonMobil A.I CyberSecurity Scoring
ExxonMobil Risk Score (AI oriented)Between 800 and 849
ExxonMobil
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
ExxonMobil Global Score (TPRM)XXXX
ExxonMobil
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
ExxonMobil Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Exxon
Breach
Rankiteo Explanation
Attack threatening the organization’s existence
Description: Exxon faced a significant reputational and potential financial impact due to a hack-and-leak operation targeting climate change activists. The firm hired by Exxon, DCI Group, was investigated for its alleged role in the incident. The internal communications about litigation against Exxon were obtained and leaked to the media, causing disruption to the activists and exposing Exxon to legal and public relations challenges. This attack caused distress among the affected parties and raised questions about the lengths to which corporations might go to protect their interests amid environmental scrutiny.
ExxonMobil Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for ExxonMobil
Incidents vs Oil and Gas Industry Average (This Year)
No incidents recorded for ExxonMobil in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for ExxonMobil in 2025.
Incident Types ExxonMobil vs Oil and Gas Industry Avg (This Year)
No incidents recorded for ExxonMobil in 2025.
Incident History — ExxonMobil (X = Date, Y = Severity)
ExxonMobil cyber incidents detection timeline including parent company and subsidiaries
ExxonMobil Company Subsidiaries
The need for energy is universal. That's why ExxonMobil scientists and engineers are pioneering new research and pursuing new technologies to reduce emissions while creating more efficient fuels. We're committed to responsibly meeting the world's energy needs. We aim to achieve #netzero emissions from our operated assets by 2050 (for Scope 1 and 2 greenhouse gas emissions) and are taking a comprehensive approach to create emission-reduction roadmaps for major operated assets. Find us also on: YouTube.com/ExxonMobil Find our latest Privacy Policy at https://corporate.exxonmobil.com/Global-legal-pages/privacy-policy See our terms and conditions at https://corporate.exxonmobil.com/global-legal-pages/terms-and-conditions Find resources on our GHG emission reduction efforts here: https://corporate.exxonmobil.com/resources
Loading...
ExxonMobil Similar Companies
En YPF, tenemos un Plan 4x4 para convertirnos en una compañía de clase mundial y lograr transformarnos en grandes exportadores de hidrocarburos. Nuestros cuatro pilares son: la aceleración de la producción de petróleo en Vaca Muerta, el activo más importante que tiene nuestro país; la disciplina f
Baker Hughes (NASDAQ: BKR) is an energy technology company that provides solutions for energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, clea
Transocean
Transocean is a leading international provider of offshore contract drilling services for oil and gas wells. The company specializes in technically demanding sectors of the global offshore drilling business, with a particular focus on ultra-deepwater and harsh environment drilling services and opera
Suncor
In 1967, we pioneered commercial development of Canada's oil sands – one of the largest petroleum resource basins in the world. Since then, Suncor has grown to become a globally competitive integrated energy company with a balanced portfolio of high-quality assets, a strong balance sheet and signifi
Our motto “Growth is Life” aptly captures the ever-evolving spirit of Reliance. Our activities span hydrocarbon exploration and production, petroleum refining and marketing, petrochemicals, retail, and telecommunications. In each of these areas, we are committed to innovation-led, exponential growth
Oil and Natural Gas Corporation Ltd
Maharatna ONGC is the largest producer of crude oil and natural gas in India, contributing around 70 per cent of Indian domestic production. The crude oil is the raw material used by downstream companies like IOC, BPCL, HPCL to produce petroleum products like Petrol, Diesel, Kerosene, Naphtha, Cooki
Valero
Valero is an international manufacturer and marketer of transportation fuels and petrochemical products. We are a Fortune 500 company based in San Antonio, Texas, fueled by nearly 10,000 employees and 15 petroleum refineries with a combined throughput capacity of approximately 3.2 million barrels pe
Complexul Energetic Oltenia
CE Oltenia is the sole lignite producer in Romania and one of the major players in the energy services sector in Romania, set-up on 31 May 2012 following a decision of the Romanian Government for the reorganization of the energy sector through a merger between a national lignite company (Societate
Ecopetrol
Ecopetrol (NYSE: EC) es la compañía más grande en Colombia y uno de los principales grupos de energía de Latinoamérica. Cuenta con más de 18.000 empleados y es responsable del 60% de la producción de hidrocarburos en Colombia. Es propietaria de las dos refinerías del Colombia y de la gran parte de l
.png)
ExxonMobil CyberSecurity News
November 20, 2025 02:19 PM
Exxon to acquire 40% stake in Enterprise Bahia NGL pipeline
Enterprise Products Partners said on Thursday that Exxon Mobil will buy a 40% stake in its Bahia natural gas liquids pipeline and help...
November 06, 2025 08:00 AM
ExxonMobil, Energean agree farm-in deal for gas block in Greece
Oil major ExxonMobil , Energean and Helleniq Energy on Thursday signed a farm-in agreement for 60% in a gas block in Western Greece,...
November 04, 2025 08:00 AM
ExxonMobil Names Jon Gibbs to Lead New Global Operations Division
Exxon Mobil Corporation (NYSE: XOM) announced a major reorganization that will centralize its operations into a new entity, ExxonMobil...
November 01, 2025 06:15 PM
Profits dip at ExxonMobil, Chevron on lower crude prices
US oil giants ExxonMobil and Chevron reported lower earnings Friday as the decline in oil prices offset the lift from higher production.
October 31, 2025 07:00 AM
Exxon Mobil slides after reporting Q3 earnings
Big oil has been dealing with low oil prices as OPEC+ keeps pumping....
October 20, 2025 07:00 AM
ExxonMobil Is Back in Iraq With Majnoon Oilfield Deal in Basra
ExxonMobil joins BP, Chevron, and TotalEnergies in greenlighting new investment projects in Iraq in 2025 as the government targets oil...
October 09, 2025 07:00 AM
ExxonMobil Signs Deal to Develop Iraq's Massive Majnoon Field
Exxon Mobil Corporation XOM has signed preliminary agreements for the exploration and development of the Majnoon oil field in Iraq.
September 30, 2025 07:00 AM
ExxonMobil and Kinaxis: Creating a Next Gen Supply Chain Management Solution for Oil & Gas
ARC Analyst Larry O'Brien has recently published a report on ARC's Client Portal regarding the recent work between Kinaxis and Exxon to...
September 23, 2025 07:00 AM
Opinion | Your Vote Doesn’t Count at ExxonMobil
Its 'Retail Voting Program' is a power grab by management.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
ExxonMobil CyberSecurity History Information
Official Website of ExxonMobil
The official website of ExxonMobil is http://www.exxonmobil.com.
ExxonMobil’s AI-Generated Cybersecurity Score
According to Rankiteo, ExxonMobil’s AI-generated cybersecurity score is 823, reflecting their Good security posture.
How many security badges does ExxonMobil’ have ?
According to Rankiteo, ExxonMobil currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does ExxonMobil have SOC 2 Type 1 certification ?
According to Rankiteo, ExxonMobil is not certified under SOC 2 Type 1.
Does ExxonMobil have SOC 2 Type 2 certification ?
According to Rankiteo, ExxonMobil does not hold a SOC 2 Type 2 certification.
Does ExxonMobil comply with GDPR ?
According to Rankiteo, ExxonMobil is not listed as GDPR compliant.
Does ExxonMobil have PCI DSS certification ?
According to Rankiteo, ExxonMobil does not currently maintain PCI DSS compliance.
Does ExxonMobil comply with HIPAA ?
According to Rankiteo, ExxonMobil is not compliant with HIPAA regulations.
Does ExxonMobil have ISO 27001 certification ?
According to Rankiteo,ExxonMobil is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of ExxonMobil
ExxonMobil operates primarily in the Oil and Gas industry.
Number of Employees at ExxonMobil
ExxonMobil employs approximately 61,842 people worldwide.
Subsidiaries Owned by ExxonMobil
ExxonMobil presently has no subsidiaries across any sectors.
ExxonMobil’s LinkedIn Followers
ExxonMobil’s official LinkedIn profile has approximately 3,254,750 followers.
NAICS Classification of ExxonMobil
ExxonMobil is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.
ExxonMobil’s Presence on Crunchbase
No, ExxonMobil does not have a profile on Crunchbase.
ExxonMobil’s Presence on LinkedIn
Yes, ExxonMobil maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/exxonmobil.
Cybersecurity Incidents Involving ExxonMobil
As of December 11, 2025, Rankiteo reports that ExxonMobil has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
ExxonMobil has an estimated 10,531 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at ExxonMobil ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Exxon Hack-and-Leak Operation Targeting Climate Change Activists
Description: Exxon faced a significant reputational and potential financial impact due to a hack-and-leak operation targeting climate change activists. The firm hired by Exxon, DCI Group, was investigated for its alleged role in the incident. The internal communications about litigation against Exxon were obtained and leaked to the media, causing disruption to the activists and exposing Exxon to legal and public relations challenges. This attack caused distress among the affected parties and raised questions about the lengths to which corporations might go to protect their interests amid environmental scrutiny.
Type: Hack-and-Leak Operation
Threat Actor: DCI Group
Motivation: To protect corporate interests amid environmental scrutiny
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Hack-and-Leak Operation EXX000120924
Data Compromised: Internal communications about litigation
Operational Impact: Disruption to climate change activists
Brand Reputation Impact: Significant reputational impact
Legal Liabilities: Exposed to legal and public relations challenges
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Internal Communications and .
Which entities were affected by each incident ?
Incident : Hack-and-Leak Operation EXX000120924
Entity Name: Exxon
Entity Type: Corporation
Industry: Energy
Data Breach Information
What type of data was compromised in each breach ?
Incident : Hack-and-Leak Operation EXX000120924
Type of Data Compromised: Internal communications
Data Exfiltration: Internal communications about litigation
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an DCI Group.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Internal communications about litigation and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Internal communications about litigation.
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=exxonmobil' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
