Fanatics
Company Details
Linkedin ID:
fanatics-inc-
Website:
Employees number:
11,196
Number of followers:
261,119
NAICS:
513
Industry Type:
Homepage:
fanaticsinc.com
IP Addresses:
0
Company ID:
FAN_2293184
Scan Status:
In-progress
Fanatics Company CyberSecurity Posture
fanaticsinc.com
Fanatics is a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.
Fanatics A.I CyberSecurity Scoring
Fanatics Risk Score (AI oriented)Between 750 and 799
Fanatics
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Fanatics Global Score (TPRM)XXXX
Fanatics
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Fanatics Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
The Topps Company, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported a data breach involving The Topps Company, Inc. on December 27, 2016. The breach occurred due to unauthorized access to the Topps website, potentially compromising customer information including names, addresses, email addresses, phone numbers, and payment card details collected between July 30, 2016, and October 12, 2016.
Fanatics Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Fanatics
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Fanatics in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Fanatics in 2025.
Incident Types Fanatics vs Technology, Information and Internet Industry Avg (This Year)
No incidents recorded for Fanatics in 2025.
Incident History — Fanatics (X = Date, Y = Severity)
Fanatics cyber incidents detection timeline including parent company and subsidiaries
Fanatics Company Subsidiaries
Fanatics is a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.
Loading...
Fanatics Similar Companies
The Death Star
The mission of the Death Star is to keep the local systems "in line". As we have recently dissolved our Board of Directors, there is little resistance to our larger goal of universal domination. Our Stormtroopers are excellent shots and operate with our Navy, and are fielded like marines - sep
e&
We're a global technology group focused on innovation and collaboration to create a better future for all. Since 1976, we've been pioneering new technologies and expanding our reach to more people and places. Today, we provide services to over 163 million customers across 16 countries in the Middle
Arrow Electronics
Arrow Electronics (NYSE:ARW) guides innovation forward for thousands of leading technology manufacturers and service providers. With 2024 sales of $27.9 billion, Arrow develops technology solutions that help improve business and daily life. Our broad portfolio that spans the entire technology lands
Swiggy is India’s pioneering on-demand convenience platform, catering to millions of consumers each month. Founded in 2014, its mission is to elevate the quality of life for the urban consumer by offering unparalleled convenience. With an extensive footprint in food delivery, Swiggy Food collaborate
Primary School
www.primaryschool.com.au is a directory of sites for students and lesson plans and reference material for teachers and parents. It is currently averaging up to 350,000 unique visitors a month and has over 44,000 subscribers to its free weekly newsletter which showcases the latest internet based reso
Meesho is India’s fastest growing internet commerce company. We want to make eCommerce accessible to all. Our vision is to enable 100 million small businesses in India, including individual entrepreneurs, to succeed online. Our mission is to democratise internet commerce by bringing a range of produ
As the world’s leading local delivery platform, our mission is to deliver an amazing experience, fast, easy, and to your door. We operate in over 70+ countries worldwide, powered by tech but driven by people. As one of Europe’s largest tech platforms, we enable ambitious talent to deliver solutions
Peraton
Do the can't be done. At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure. How do we do it? By thi
Cimpress plc (Nasdaq: CMPR) invests in and builds customer-focused, entrepreneurial, mass-customization businesses for the long term. Mass customization is a competitive strategy which seeks to produce goods and services to meet individual customer needs with near mass production efficiency. Cimpr
.png)
Fanatics CyberSecurity News
September 24, 2025 07:00 AM
Boyd Gaming experiences third party cybersecurity attack
The operator stated the September 23 cyberattack 'has had no impact' on business operations or an effect in any of Boyd Gaming's properties,...
August 18, 2025 07:00 AM
Bragg Gaming Group Announces Cyber Security Incident
Bragg Gaming Group announces it has been hit by a "cybersecurity incident" but the company adds no personal data been been affected.
May 08, 2025 07:00 AM
Fanatics Advances Toward Full Five-Year License in Massachusetts
The Massachusetts Gaming Commission (MGC) held an adjudicatory hearing for Fanatics Betting and Gaming on April 30, recommending it be suitable for a full five...
December 25, 2024 08:00 AM
Top 10 Tech Internships Offered in Jacksonville
Jacksonville's thriving tech scene offers exceptional internship opportunities in sectors like fintech, cybersecurity, and healthcare tech.
November 21, 2024 08:00 AM
IGT Confirms Cybersecurity Incident, Launches Investigation
While the company is working on mitigating the impact of the incident, it is currently unclear if it had material impact.
October 23, 2024 07:00 AM
What tech leaders are planning to spend on in 2025
Artificial intelligence is at the top of the list for what tech leaders are planning to spend on in 2025.
February 15, 2024 08:00 AM
Continent 8 Technologies expands US footprint with strategic launch in the state of Vermont
Continent 8 Technologies, an award-winning managed hosting, connectivity, and cybersecurity solutions provider has bolstered its presence in the US market...
October 09, 2023 07:00 AM
Annual Cybersecurity Fair to Focus on Digital Privacy
With data leaks and hacking so prevalent in today's digital landscape, security and privacy are among some of the top growing concerns in...
March 30, 2023 07:00 AM
Lacework Celebrates Inspiring "Secured by Women" Leaders
PRNewswire/ -- Lacework®, the data-driven cloud security company, today announced five inspirational CISOs and security leaders selected as...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Fanatics CyberSecurity History Information
Official Website of Fanatics
The official website of Fanatics is http://www.fanaticsinc.com.
Fanatics’s AI-Generated Cybersecurity Score
According to Rankiteo, Fanatics’s AI-generated cybersecurity score is 793, reflecting their Fair security posture.
How many security badges does Fanatics’ have ?
According to Rankiteo, Fanatics currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Fanatics have SOC 2 Type 1 certification ?
According to Rankiteo, Fanatics is not certified under SOC 2 Type 1.
Does Fanatics have SOC 2 Type 2 certification ?
According to Rankiteo, Fanatics does not hold a SOC 2 Type 2 certification.
Does Fanatics comply with GDPR ?
According to Rankiteo, Fanatics is not listed as GDPR compliant.
Does Fanatics have PCI DSS certification ?
According to Rankiteo, Fanatics does not currently maintain PCI DSS compliance.
Does Fanatics comply with HIPAA ?
According to Rankiteo, Fanatics is not compliant with HIPAA regulations.
Does Fanatics have ISO 27001 certification ?
According to Rankiteo,Fanatics is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Fanatics
Fanatics operates primarily in the Technology, Information and Internet industry.
Number of Employees at Fanatics
Fanatics employs approximately 11,196 people worldwide.
Subsidiaries Owned by Fanatics
Fanatics presently has no subsidiaries across any sectors.
Fanatics’s LinkedIn Followers
Fanatics’s official LinkedIn profile has approximately 261,119 followers.
NAICS Classification of Fanatics
Fanatics is classified under the NAICS code 513, which corresponds to Others.
Fanatics’s Presence on Crunchbase
Yes, Fanatics has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/fanatics.
Fanatics’s Presence on LinkedIn
Yes, Fanatics maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/fanatics-inc-.
Cybersecurity Incidents Involving Fanatics
As of December 11, 2025, Rankiteo reports that Fanatics has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Fanatics has an estimated 13,045 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Fanatics ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: Data Breach at The Topps Company, Inc.
Description: The California Office of the Attorney General reported a data breach involving The Topps Company, Inc. on December 27, 2016. The breach occurred due to unauthorized access to the Topps website, potentially compromising customer information including names, addresses, email addresses, phone numbers, and payment card details collected between July 30, 2016, and October 12, 2016.
Date Detected: 2016-12-27
Date Publicly Disclosed: 2016-12-27
Type: Data Breach
Attack Vector: Unauthorized Access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach THE444072525
Data Compromised: Names, Addresses, Email addresses, Phone numbers, Payment card details
Systems Affected: Topps website
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Addresses, Email Addresses, Phone Numbers, Payment Card Details and .
Which entities were affected by each incident ?
Incident : Data Breach THE444072525
Entity Name: The Topps Company, Inc.
Entity Type: Company
Industry: Retail
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach THE444072525
Type of Data Compromised: Names, Addresses, Email addresses, Phone numbers, Payment card details
Personally Identifiable Information: namesaddressesemail addressesphone numbers
References
Where can I find more information about each incident ?
Incident : Data Breach THE444072525
Source: California Office of the Attorney General
Date Accessed: 2016-12-27
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney GeneralDate Accessed: 2016-12-27.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2016-12-27.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2016-12-27.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, email addresses, phone numbers, payment card details and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Topps website.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, payment card details, addresses, phone numbers and email addresses.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=fanatics-inc-' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
