IAG
Company Details
Linkedin ID:
iag
Website:
Employees number:
12,323
Number of followers:
95,658
NAICS:
524
Industry Type:
Homepage:
iag.com.au
IP Addresses:
153
Company ID:
IAG_1359910
Scan Status:
Completed
IAG Company CyberSecurity Posture
iag.com.au
IAG is Australia and New Zealand's largest general insurance company with a purpose to make your world a safer place, whether you are a customer, partner, employee, shareholder or part of the communities IAG serves across Australia and New Zealand. Our businesses have helped people recover from natural disasters, accidents and loss since 1851. In Australia and New Zealand we provide insurance under many leading brands, including NRMA Insurance, CGU, SGIO, SGIC and WFI; and NZI, State, AMI and Lumley Insurance (New Zealand). We also have interests in general insurance joint ventures in Malaysia and India. Increasingly, we see our role extending beyond paying claims to increasing awareness of risk, and helping communities reduce and prevent risk. We believe it is our responsibility as an industry leader to use our influence and role as a major investor, purchaser and employer for the good of everyone. For further information please visit www.iag.com.au.
IAG A.I CyberSecurity Scoring
IAG Risk Score (AI oriented)Between 750 and 799
IAG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
IAG Global Score (TPRM)XXXX
IAG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
IAG Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
IAG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for IAG
Incidents vs Insurance Industry Average (This Year)
No incidents recorded for IAG in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for IAG in 2025.
Incident Types IAG vs Insurance Industry Avg (This Year)
No incidents recorded for IAG in 2025.
Incident History — IAG (X = Date, Y = Severity)
IAG cyber incidents detection timeline including parent company and subsidiaries
IAG Company Subsidiaries
IAG is Australia and New Zealand's largest general insurance company with a purpose to make your world a safer place, whether you are a customer, partner, employee, shareholder or part of the communities IAG serves across Australia and New Zealand. Our businesses have helped people recover from natural disasters, accidents and loss since 1851. In Australia and New Zealand we provide insurance under many leading brands, including NRMA Insurance, CGU, SGIO, SGIC and WFI; and NZI, State, AMI and Lumley Insurance (New Zealand). We also have interests in general insurance joint ventures in Malaysia and India. Increasingly, we see our role extending beyond paying claims to increasing awareness of risk, and helping communities reduce and prevent risk. We believe it is our responsibility as an industry leader to use our influence and role as a major investor, purchaser and employer for the good of everyone. For further information please visit www.iag.com.au.
Loading...
IAG Similar Companies
State Life Insurance Pakistan
The Life Insurance Business in Pakistan was nationalized in March 1972. Initially, the Life Insurance business of 32 Insurance Companies was merged and placed under three Beema Units named “A”, “B” and “C” Beema Units. However, later these Beema Units were merged, and effective November 1, 1972, the
Prudential Indonesia (PT Prudential Life Assurance)
Listening. Understanding. Delivering. At Prudential Indonesia we deliver excellence by consistently innovating, creating new opportunities and growing our business to cater all of our customers' needs. With a vision of becoming truly world class, Prudential Indonesia provides quality services and
We live in a time of unprecedented change. A time when economies, regulations, and social safety nets are all in flux. Customers around the globe have told us they’re overwhelmed by the pace of change and are looking for a trusted partner to help them manage life’s twists and turns. MetLife is com
Star Health and Allied Insurance Co. Ltd
Star Health & Allied Insurance Co. Ltd. is an Indian health insurance company headquartered in Chennai. They began their operations in 2006 as India's first standalone Health Insurance provider. They offer innovative products in the health, personal accident and overseas & domestic travel insurance.
Canada Life
At Canada Life, we’re focused on improving the financial, physical and mental well-being of Canadians. Whether handling policy claims, help growing and protecting clients’ retirement and investment savings, providing workplace mental health support for all employers or helping build stronger communi
HUB International
Hi, we’re HUB. We advise businesses and individuals on how to reach their goals. When you partner with us, you’re at the center of a vast network of risk, insurance, employee benefits, retirement and wealth management specialists that bring clarity to a changing world with tailored solutions and un
USI Insurance Services
USI is one of the largest insurance brokerage and consulting firms in the world, delivering property and casualty, employee benefits, personal risk, program and retirement solutions to large risk management clients, middle market companies, smaller firms and individuals. Headquartered in Valhalla, N
Munich Re
Munich Re is one of the world’s leading providers of reinsurance, primary insurance and insurance-related risk solutions. The group consists of the reinsurance and ERGO business segments, as well as the capital investment company MEAG. We are globally active and operate in all lines of the insurance
We help our clients and colleagues grow — and our communities thrive — by protecting and promoting Possibility. We seek better ways to manage risk and define more effective paths to the right outcome. We go beyond risk to rewards for our clients, our company, our colleagues, and the communities in w
.png)
IAG CyberSecurity News
November 26, 2025 08:00 AM
International Consolidated Airlines Group (IAG) Today: Share Price, €1bn Buyback, Iberia Cyberattack and TAP Bid – 26 November 2025
British Airways owner IAG enters a crucial week for shareholders as its €1bn buyback wraps up, a new dividend goes ex‑date, and subsidiary...
November 25, 2025 01:50 PM
Iberia airline detects serious data breach and activates security protocol
The flag carrier of Spain, which carried a record 31.7 million passengers last year, has reassured customers that their banking details...
November 19, 2025 08:00 AM
GLI integrates IT security arm Bulletproof’s ISS solutions into compliance network
Leading global test lab GLI says it has integrated the world-class information system security (ISS) assessment solutions of its IT and...
October 10, 2025 07:00 AM
Summit in the skies: Aviation’s big players land in Lisbon
Day 2 of the World Aviation Festival 2025 in Lisbon brought together some of the most influential voices in global aviation.
October 02, 2025 07:00 AM
Cyber Group Extorts Executives After Claiming Oracle Apps Breach
Executives and technology departments at large organizations are being extorted by a notorious ransomware group that claims to have stolen...
September 23, 2025 07:00 AM
Ransomware Attack Causes Widespread Disruptions at European Airports
Software provider Collins Aerospace, whose systems support airlines at London Heathrow, Brussels, Berlin, and Dublin.
September 22, 2025 07:00 AM
Flight delays continue across Europe after weekend cyber-attack
Software provider Collins Aerospace completing updates after Heathrow, Brussels and Berlin hit by problems.
July 19, 2025 07:00 AM
BA Data Breach: The Real Cost of Negligence
Discover how BA's £20M data breach exposed security failures & shattered trust. A critical lesson for businesses on privacy's true price.
July 10, 2025 07:00 AM
British Airways Restricts Pilots and Cabin Crew at London Heathrow and IAG Systems Over Cyber Threat Concerns: New Updates
British Airways locks out pilots and cabin crew at London Heathrow and IAG systems amid cyber threats. Crew access disabled due to...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
IAG CyberSecurity History Information
Official Website of IAG
The official website of IAG is http://www.iag.com.au.
IAG’s AI-Generated Cybersecurity Score
According to Rankiteo, IAG’s AI-generated cybersecurity score is 784, reflecting their Fair security posture.
How many security badges does IAG’ have ?
According to Rankiteo, IAG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does IAG have SOC 2 Type 1 certification ?
According to Rankiteo, IAG is not certified under SOC 2 Type 1.
Does IAG have SOC 2 Type 2 certification ?
According to Rankiteo, IAG does not hold a SOC 2 Type 2 certification.
Does IAG comply with GDPR ?
According to Rankiteo, IAG is not listed as GDPR compliant.
Does IAG have PCI DSS certification ?
According to Rankiteo, IAG does not currently maintain PCI DSS compliance.
Does IAG comply with HIPAA ?
According to Rankiteo, IAG is not compliant with HIPAA regulations.
Does IAG have ISO 27001 certification ?
According to Rankiteo,IAG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of IAG
IAG operates primarily in the Insurance industry.
Number of Employees at IAG
IAG employs approximately 12,323 people worldwide.
Subsidiaries Owned by IAG
IAG presently has no subsidiaries across any sectors.
IAG’s LinkedIn Followers
IAG’s official LinkedIn profile has approximately 95,658 followers.
NAICS Classification of IAG
IAG is classified under the NAICS code 524, which corresponds to Insurance Carriers and Related Activities.
IAG’s Presence on Crunchbase
No, IAG does not have a profile on Crunchbase.
IAG’s Presence on LinkedIn
Yes, IAG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/iag.
Cybersecurity Incidents Involving IAG
As of December 11, 2025, Rankiteo reports that IAG has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
IAG has an estimated 15,015 peer or competitor companies worldwide.
IAG CyberSecurity History Information
How many cyber incidents has IAG faced ?
Total Incidents: According to Rankiteo, IAG has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at IAG ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=iag' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
