JD.COM
Company Details
Linkedin ID:
jd.com
Website:
Employees number:
37,547
Number of followers:
470,096
NAICS:
5112
Industry Type:
Homepage:
jd.com
IP Addresses:
0
Company ID:
JD._1336175
Scan Status:
In-progress
JD.COM Company CyberSecurity Posture
jd.com
JD.com, also known as JINGDONG, is a leading e-commerce company transferring to be a technology and service enterprise with supply chain at its core. JD.com’s business has expanded across retail, technology, logistics, health, property development, industrials, and international business. Ranking 44 on the Fortune Global 500, JD.com is China’s largest retailer by revenue. JD.com serves over 600 million customers and has set the standard for e-commerce through its commitment to quality, authenticity, and competitive pricing. The company operates the largest fulfillment infrastructure of any e-commerce company in China, enabling 90% of retail orders to be delivered within the same or next day. JD.com also promotes productivity and innovation across a range of industries by offering its cutting-edge technology and infrastructure to partners, brands, and diverse sectors.
JD.COM A.I CyberSecurity Scoring
JD.COM Risk Score (AI oriented)Between 800 and 849
JD.COM
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
JD.COM Global Score (TPRM)XXXX
JD.COM
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
JD.COM Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
JD.COM Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for JD.COM
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for JD.COM in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for JD.COM in 2025.
Incident Types JD.COM vs Software Development Industry Avg (This Year)
No incidents recorded for JD.COM in 2025.
Incident History — JD.COM (X = Date, Y = Severity)
JD.COM cyber incidents detection timeline including parent company and subsidiaries
JD.COM Company Subsidiaries
JD.com, also known as JINGDONG, is a leading e-commerce company transferring to be a technology and service enterprise with supply chain at its core. JD.com’s business has expanded across retail, technology, logistics, health, property development, industrials, and international business. Ranking 44 on the Fortune Global 500, JD.com is China’s largest retailer by revenue. JD.com serves over 600 million customers and has set the standard for e-commerce through its commitment to quality, authenticity, and competitive pricing. The company operates the largest fulfillment infrastructure of any e-commerce company in China, enabling 90% of retail orders to be delivered within the same or next day. JD.com also promotes productivity and innovation across a range of industries by offering its cutting-edge technology and infrastructure to partners, brands, and diverse sectors.
Loading...
JD.COM Similar Companies
Adobe
Adobe is the global leader in digital media and digital marketing solutions. Our creative, marketing and document solutions empower everyone – from emerging artists to global brands – to bring digital creations to life and deliver immersive, compelling experiences to the right person at the right mo
Snowflake
**Snowflake is proud to be the Official Data Collaboration Provider for LA28 and Team USA.** Snowflake delivers the AI Data Cloud — a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the AI Data Cloud, organizations unite
Cisco
Cisco is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities
Walmart Global Tech
Walmart has a long history of transforming retail and using technology to deliver innovations that improve how the world shops and empower our 2.1 million associates. It began with Sam Walton and continues today with Global Tech associates working together to power Walmart and lead the next retail d
Airbnb
Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays, experiences and services that make it p
A problem isn't truly solved until it's solved for all. Googlers build products that help create opportunities for everyone, whether down the street or across the globe. Bring your insight, imagination and a healthy disregard for the impossible. Bring everything that makes you unique. Together, we c
We're a global online visual communications platform on a mission to empower the world to design. Featuring a simple drag-and-drop user interface and a vast range of templates ranging from presentations, documents, websites, social media graphics, posters, apparel to videos, plus a huge library of f
DiDi
DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehi
Meituan
Adhering to the ‘Retail + Technology’ strategy, Meituan commits to its mission that 'We help people eat better, live better'. Since its establishment in March 2010, Meituan has advanced the digital upgrading of services and goods retail on both supply and demand sides. Together with our partners we
.png)
JD.COM CyberSecurity News
November 03, 2025 08:00 AM
CHINA: Amendments to Cybersecurity Law Effective 1 January 2026
On 28 October 2025, China passed amendments to the Cybersecurity Law, marking the first update since its enactment in 2016.
October 22, 2025 07:00 AM
China's Salt Typhoon exploited SharePoint to hit govts
Security researchers now say more Chinese crews - likely including Salt Typhoon - than previously believed exploited a critical Microsoft...
October 20, 2025 07:00 AM
China accuses US of cyberattacks after alleged NSA hack
China has blamed the US for a "major cyberattack" against its National Time Service Center, alleging it could have disrupted the country's...
October 20, 2025 07:00 AM
Suspected Salt Typhoon snoops lurking in European telco's network
China's Salt Typhoon gang appears to have successfully attacked a European telecommunications firm, according to security researchers at...
October 14, 2025 07:00 AM
Chinese gang used ArcGIS as a backdoor for a year – and no one noticed
A Chinese state-backed cybergang known as Flax Typhoon spent more than a year burrowing inside an ArcGIS server, quietly turning the trusted...
October 10, 2025 07:00 AM
Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal
The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summer has added a new tool to its arsenal: Velociraptor,...
October 10, 2025 07:00 AM
Phishing kit YYlaiyu impersonates 97 brands for fraud
Exclusive A Chinese-developed phishing kit hosted on thousands of domains and boasting 97 different brands to make criminals' scams look...
October 01, 2025 07:00 AM
Beijing-backed burglars target government web servers
Threat-hunters at Palo Alto Networks' Unit 42 have decided a gang they spotted two years ago is backed by China, after seeing it sling a new...
October 01, 2025 07:00 AM
Communicating with the SEC When Your Organization Suffers a Cybersecurity Incident
The Securities and Exchange Commission (SEC) has made clear—through its rulemaking, enforcement actions, public statements, and formidable...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
JD.COM CyberSecurity History Information
Official Website of JD.COM
The official website of JD.COM is http://corporate.jd.com/.
JD.COM’s AI-Generated Cybersecurity Score
According to Rankiteo, JD.COM’s AI-generated cybersecurity score is 809, reflecting their Good security posture.
How many security badges does JD.COM’ have ?
According to Rankiteo, JD.COM currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does JD.COM have SOC 2 Type 1 certification ?
According to Rankiteo, JD.COM is not certified under SOC 2 Type 1.
Does JD.COM have SOC 2 Type 2 certification ?
According to Rankiteo, JD.COM does not hold a SOC 2 Type 2 certification.
Does JD.COM comply with GDPR ?
According to Rankiteo, JD.COM is not listed as GDPR compliant.
Does JD.COM have PCI DSS certification ?
According to Rankiteo, JD.COM does not currently maintain PCI DSS compliance.
Does JD.COM comply with HIPAA ?
According to Rankiteo, JD.COM is not compliant with HIPAA regulations.
Does JD.COM have ISO 27001 certification ?
According to Rankiteo,JD.COM is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of JD.COM
JD.COM operates primarily in the Software Development industry.
Number of Employees at JD.COM
JD.COM employs approximately 37,547 people worldwide.
Subsidiaries Owned by JD.COM
JD.COM presently has no subsidiaries across any sectors.
JD.COM’s LinkedIn Followers
JD.COM’s official LinkedIn profile has approximately 470,096 followers.
NAICS Classification of JD.COM
JD.COM is classified under the NAICS code 5112, which corresponds to Software Publishers.
JD.COM’s Presence on Crunchbase
No, JD.COM does not have a profile on Crunchbase.
JD.COM’s Presence on LinkedIn
Yes, JD.COM maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/jd.com.
Cybersecurity Incidents Involving JD.COM
As of December 11, 2025, Rankiteo reports that JD.COM has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
JD.COM has an estimated 27,532 peer or competitor companies worldwide.
JD.COM CyberSecurity History Information
How many cyber incidents has JD.COM faced ?
Total Incidents: According to Rankiteo, JD.COM has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at JD.COM ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=jd.com' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
