Kohl's
Company Details
Linkedin ID:
kohls-department-stores
Website:
Employees number:
51,881
Number of followers:
269,936
NAICS:
43
Industry Type:
Homepage:
kohls.com
IP Addresses:
0
Company ID:
KOH_1953591
Scan Status:
In-progress
Kohl's Company CyberSecurity Posture
kohls.com
Kohl’s is a leading omnichannel retailer with more than 1,100 stores in 49 states. Kohl's business is built on a solid foundation of more than 60 million customers, an unmatched brand portfolio, industry-leading loyalty and Kohl's Card programs, a convenient and accessible nationwide store footprint, and large digital business on Kohls.com and the Kohl's mobile app.
Kohl's A.I CyberSecurity Scoring
Kohl's Risk Score (AI oriented)Between 750 and 799
Kohl's
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Kohl's Global Score (TPRM)XXXX
Kohl's
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Kohl's Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
Kohl's Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Kohl's
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Kohl's in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Kohl's in 2025.
Incident Types Kohl's vs Retail Industry Avg (This Year)
No incidents recorded for Kohl's in 2025.
Incident History — Kohl's (X = Date, Y = Severity)
Kohl's cyber incidents detection timeline including parent company and subsidiaries
Kohl's Company Subsidiaries
Kohl’s is a leading omnichannel retailer with more than 1,100 stores in 49 states. Kohl's business is built on a solid foundation of more than 60 million customers, an unmatched brand portfolio, industry-leading loyalty and Kohl's Card programs, a convenient and accessible nationwide store footprint, and large digital business on Kohls.com and the Kohl's mobile app.
Loading...
Kohl's Similar Companies
SEPHORA
Sephora is the world’s leading global prestige beauty retail brand. With over 56 000 talents across 35 markets, Sephora connects customers and beauty brands within the world’s most trusted and dynamic beauty community. We serve a highly engaged community of hundreds of millions of beauty followers a
John Lewis & Partners
Since 1864 we've been delighting customers with our quality products and renowned customer service. We put happiness at the heart of everything we do. We our one brand under the John Lewis Partnership umbrella. A unique way of doing business where all of our Partners (employees) share ownership of
Toys"R"Us
Toys“R”Us is a beloved brand known all around the world—and we know how to have fun! For over 70 years we've been the toy authority and ambassadors of all things play. Our new vision looks beyond traditional retail for a re-imagined, immersive experience for kids of all ages. We've got a whole new w
Rite Aid is a full-service pharmacy committed to improving health outcomes. Rite Aid is defining the modern pharmacy by meeting customer needs with a wide range of solutions that offer convenience, including retail and delivery pharmacy, as well as services offered through our wholly owned subsidi
ICA Gruppen
ICA Gruppen´s core business is retail. The Group includes ICA Sweden which mainly conduct grocery retail, ICA Real Estate which owns and manages properties, ICA Bank which offers financial services and insurances, Apotek Hjärtat which conducts pharmacy operations. Guidelines: Comments in our chan
EXPRESS
EXPRESS is a multichannel fashion brand dedicated to creating confidence and inspiring self-expression. Since its launch in 1980, the brand has embraced a design philosophy rooted in modern, confident and effortless style. Whether dressing for work, everyday or special occasions, EXPRESS ensures you
Sam's Club
Sam’s Club (NYSE: WMT) a division of Walmart Inc., is the membership warehouse club solution for everyday living. Our President and CEO is Chris Nicholas and our headquarters is in Bentonville, AR. For the fiscal year ending January 31, 2023, Sam’s Club’s total revenue was $84.3 billion. There are
The Home Depot
The Home Depot, the world’s largest home improvement specialty retailer, values and rewards dedicated, knowledgeable, and experienced professionals. We operate more than 2,300 retail stores in all 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, Guam, Canada, and Mexico. A
At Starbucks, we like to say that we are not in the coffee business serving people, but in the people business serving coffee. Here, our employees - who we call partners – are the heart of the Starbucks experience, and being a partner means aspiring to become part of something bigger: inspiring posi
.png)
Kohl's CyberSecurity News
September 22, 2025 07:00 AM
Alamo Colleges District buys West Side office complex for tech school
Kohl's Corp. operated a call center at the property in San Antonio's Westover Hills area. Northwest Vista College plans to open a technology...
August 27, 2025 07:00 AM
Stocks to Watch Today : Nvidia, CrowdStrike, DSS Inc., NovaBay Pharma, Kohl’s Corporation
On August 27, key stocks like Nvidia, DSS, and CrowdStrike showed significant trading activity and varied performances, reflecting investor...
April 02, 2025 07:00 AM
Kohl’s tech chief exits amid broader leadership change
Chief Technology and Digital Officer Siobhán Mc Feeney departed the retailer Wednesday, according to a securities filing.
November 13, 2024 11:04 PM
Phishing Emails Lure Black Friday Shoppers with Fake Best Buy, Kohl’s and Ace Hardware Gift Card Giveaways
How would you like a couple of hundred dollars worth of gift cards for this Black Friday shopping spree? Spammers clearly understand the practicality of...
October 15, 2024 07:00 AM
Kohl’s class action claims retailer affected by third-party data breach
Retail giant Kohl's has been hit with a class action lawsuit after a data breach exposed the private information of more than 4 million of...
October 11, 2024 07:00 AM
Kohl’s, Others Join List Sued Over Debt Collector Data Breach
Four more disparate companies have been hit with proposed class actions accusing them of inadequate cybersecurity linked to debt-collection...
June 17, 2024 07:00 AM
Can Kohl’s Stock Nearly Triple To Pre-Inflation Shock Highs Of $64?
Kohl's stock (NYSE: KSS), a department store that features apparel, footwear, accessories, soft home products, and housewares targeted to...
June 02, 2023 07:00 AM
'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting
Hackers are turning to obfuscation tactics relying on glossy advertising photos from Delta Airlines and retailer Kohl's, tricking users into...
April 06, 2023 07:00 AM
All Retail Is Local, Requiring Stores To Localize For Maximum Penetration, Like Sephora At Kohl’s
A one-size-fits-all, cookie-cutter approach to opening new stores doesn't work anymore. Retailers need to take a portfolio approach to...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Kohl's CyberSecurity History Information
Official Website of Kohl's
The official website of Kohl's is http://careers.kohls.com.
Kohl's’s AI-Generated Cybersecurity Score
According to Rankiteo, Kohl's’s AI-generated cybersecurity score is 778, reflecting their Fair security posture.
How many security badges does Kohl's’ have ?
According to Rankiteo, Kohl's currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Kohl's have SOC 2 Type 1 certification ?
According to Rankiteo, Kohl's is not certified under SOC 2 Type 1.
Does Kohl's have SOC 2 Type 2 certification ?
According to Rankiteo, Kohl's does not hold a SOC 2 Type 2 certification.
Does Kohl's comply with GDPR ?
According to Rankiteo, Kohl's is not listed as GDPR compliant.
Does Kohl's have PCI DSS certification ?
According to Rankiteo, Kohl's does not currently maintain PCI DSS compliance.
Does Kohl's comply with HIPAA ?
According to Rankiteo, Kohl's is not compliant with HIPAA regulations.
Does Kohl's have ISO 27001 certification ?
According to Rankiteo,Kohl's is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Kohl's
Kohl's operates primarily in the Retail industry.
Number of Employees at Kohl's
Kohl's employs approximately 51,881 people worldwide.
Subsidiaries Owned by Kohl's
Kohl's presently has no subsidiaries across any sectors.
Kohl's’s LinkedIn Followers
Kohl's’s official LinkedIn profile has approximately 269,936 followers.
NAICS Classification of Kohl's
Kohl's is classified under the NAICS code 43, which corresponds to Retail Trade.
Kohl's’s Presence on Crunchbase
No, Kohl's does not have a profile on Crunchbase.
Kohl's’s Presence on LinkedIn
Yes, Kohl's maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/kohls-department-stores.
Cybersecurity Incidents Involving Kohl's
As of December 11, 2025, Rankiteo reports that Kohl's has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
Kohl's has an estimated 15,469 peer or competitor companies worldwide.
Kohl's CyberSecurity History Information
How many cyber incidents has Kohl's faced ?
Total Incidents: According to Rankiteo, Kohl's has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at Kohl's ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=kohls-department-stores' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
