Societe Generale Company CyberSecurity Posture
societegenerale.com
Societe Generale is one of the leading European financial services groups. Based on a diversified and integrated banking model, the Group combines financial strength and proven expertise in innovation with a strategy of sustainable growth. Committed to the positive transformations of the world’s societies and economies, Societe Generale and its teams seek to build, day after day, together with its clients, a better and sustainable future through responsible and innovative financial solutions. Active in the real economy for over 150 years, with a solid position in Europe and connected to the rest of the world, Societe Generale has over 117,000 members of staff in 66 countries and supports on a daily basis 25 million individual clients, businesses and institutional investors around the world by offering a wide range of advisory services and tailored financial solutions. The Group is built on three complementary core businesses: - French Retail Banking which encompasses the SG and Boursorama brands. Each offers a full range of financial services with omnichannel products at the cutting edge of digital innovation; - International Retail Banking, Insurance and Financial Services, with networks in Africa, Central and Eastern Europe and specialised businesses that are leaders in their markets; - Global Banking and Investor Solutions, which offers recognised expertise, key international locations and integrated solutions. Societe Generale is included in the principal socially responsible investment indices: DJSI (Europe), FTSE4Good (Global and Europe), Bloomberg Gender-Equality Index, Refinitiv Diversity and Inclusion Index, Euronext Vigeo (Europe and Eurozone), STOXX Global ESG Leaders indexes, and the MSCI Low Carbon Leaders Index (World and Europe).
Company Details
societe-generale
43,819
1,191,601
52211
societegenerale.com
214
SOC_1340441
Completed
Societe Generale Risk Score (AI oriented)Between 800 and 849
Societe Generale Global Score (TPRM)XXXX
Description: SG-SSB" , "Société Générale – Social Security Bank" was struck by the SEPO aka anon_4freedom group. The bank is the part of Ghana Stock Exchange. The leak contained database and server information as well as a few accounts which all passwords are in clear text.
No incidents recorded for Societe Generale in 2025.
No incidents recorded for Societe Generale in 2025.
No incidents recorded for Societe Generale in 2025.
Societe Generale cyber incidents detection timeline including parent company and subsidiaries
Societe Generale is one of the leading European financial services groups. Based on a diversified and integrated banking model, the Group combines financial strength and proven expertise in innovation with a strategy of sustainable growth. Committed to the positive transformations of the world’s societies and economies, Societe Generale and its teams seek to build, day after day, together with its clients, a better and sustainable future through responsible and innovative financial solutions. Active in the real economy for over 150 years, with a solid position in Europe and connected to the rest of the world, Societe Generale has over 117,000 members of staff in 66 countries and supports on a daily basis 25 million individual clients, businesses and institutional investors around the world by offering a wide range of advisory services and tailored financial solutions. The Group is built on three complementary core businesses: - French Retail Banking which encompasses the SG and Boursorama brands. Each offers a full range of financial services with omnichannel products at the cutting edge of digital innovation; - International Retail Banking, Insurance and Financial Services, with networks in Africa, Central and Eastern Europe and specialised businesses that are leaders in their markets; - Global Banking and Investor Solutions, which offers recognised expertise, key international locations and integrated solutions. Societe Generale is included in the principal socially responsible investment indices: DJSI (Europe), FTSE4Good (Global and Europe), Bloomberg Gender-Equality Index, Refinitiv Diversity and Inclusion Index, Euronext Vigeo (Europe and Eurozone), STOXX Global ESG Leaders indexes, and the MSCI Low Carbon Leaders Index (World and Europe).
Un modèle mutualiste au service des clients et des salariés. Réseau bancaire mutualiste constitué de 2124 Caisses locales le Crédit Mutuel se compose de 18 fédérations régionales, couvrant tout le territoire français. Société de personnes et non de capitaux, le Crédit Mutuel n’est pas coté en Bou
Yapı Kredi has been sustainably strengthening its market positioning in the sector since its establishment in 1944 through a customer-centric approach and focus on innovation. Yapı Kredi is the 3rd largest private bank in Turkey with total assets worth TL 411 billion as of the end of 2019. Constantl
Banque Misr (BM) was established in 1920 by the pioneer economist and financial expert Mohamed Talaat Harb Pasha, who spearheaded the concept of investing in national savings and directing them toward economic and social development. Thus, Banque Misr was established as the first wholly Egyptian-own
UniCredit exists to empower communities to progress. To deliver for all our stakeholders across Europe and unlock the potential within each individual and community we serve. We are a pan-European bank: our 13 banks across the continent work together as one, leveraging the strength of the collectiv
Сбер — крупнейший банк в России, поставщик надёжных технологических решений и один из ведущих финансовых институтов страны. Мы не боимся меняться и открывать новые горизонты, но в то же время остаёмся верными принципам, сформированным за нашу 180-летнюю историю. Такой подход позволяет нам создавать
Depuis son rapprochement avec le Groupe Crédit Agricole SA en 2003, le périmètre d'activités de LCL, réseau national de banque de détail, est axé sur le marché des particuliers, des professionnels, des entreprises et la Banque privée. LCL est une banque de proximité qui compte 2 065 implantations
About Kotak Mahindra Group: Established in 1985, the Kotak Mahindra Group is one of India’s leading financial services conglomerates. In February 2003, Kotak Mahindra Finance Ltd. (KMFL), the Group’s flagship company, received a banking license from the Reserve Bank of India (RBI). With this, KMF
The Toronto-Dominion Bank & its subsidiaries are collectively known as TD Bank Group (TD). TD is the sixth largest bank in North America by assets & serves approx. 28 million customers in a number of locations in key financial centres around the globe. With over 95,000 employees, TD ranks among the
Industrial and Commercial Bank of China Ltd. (ICBC) (simplified Chinese: 中国工商银行; traditional Chinese: 中國工商銀行; pinyin: Zhōngguó Gōngshāng Yínháng, more commonly just 工行 Gōngháng) is China's largest bank and the largest bank in the world. It is one of China's "Big Four" state-owned commercial banks (t
.png)
Dubai, UAE – November 24, 2025 – Equiti Group, a global fintech leader, has strengthened its leadership team with the appointment of Patrick...
Equiti Group has appointed Patrick Pitchappa as Chief Information Security Officer and Abdullatif Manlla as Head of Compliance and MLRO,...
Guzman Furtado, Cofounder of VFG talks about technology, 2026, and how they are working with one of the largest financial Institutions in...
PARIS (Reuters) -German stock exchange operator Deutsche Boerse plans to integrate stablecoins made by French bank Societe Generale in its...
The U.S. Treasury market is the deepest and most liquid government securities market in the world. It plays a critical and unique role in...
Here are the worldwide cybersecurity job openings available as of October 28, 2025, including on-site, hybrid, and remote roles.
Here are the worldwide cybersecurity job openings available as of October 7, 2025, including on-site, hybrid, and remote roles.
Global accounting and consulting firm Deloitte has launched a CyberAcademy in Casablanca, aimed at training professionals in Morocco in the...
Casablanca - On Wednesday, the Moroccan banking landscape witnessed the rebranding of Société Générale Maroc into Saham Bank.
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of Societe Generale is https://www.societegenerale.com.
According to Rankiteo, Societe Generale’s AI-generated cybersecurity score is 813, reflecting their Good security posture.
According to Rankiteo, Societe Generale currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, Societe Generale is not certified under SOC 2 Type 1.
According to Rankiteo, Societe Generale does not hold a SOC 2 Type 2 certification.
According to Rankiteo, Societe Generale is not listed as GDPR compliant.
According to Rankiteo, Societe Generale does not currently maintain PCI DSS compliance.
According to Rankiteo, Societe Generale is not compliant with HIPAA regulations.
According to Rankiteo,Societe Generale is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Societe Generale operates primarily in the Banking industry.
Societe Generale employs approximately 43,819 people worldwide.
Societe Generale presently has no subsidiaries across any sectors.
Societe Generale’s official LinkedIn profile has approximately 1,191,601 followers.
Societe Generale is classified under the NAICS code 52211, which corresponds to Commercial Banking.
Yes, Societe Generale has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/societe-generale.
Yes, Societe Generale maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/societe-generale.
As of December 11, 2025, Rankiteo reports that Societe Generale has experienced 1 cybersecurity incidents.
Societe Generale has an estimated 6,988 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Title: SEPO aka anon_4freedom group attack on Société Générale – Social Security Bank
Description: SG-SSB, Société Générale – Social Security Bank, part of Ghana Stock Exchange, was struck by the SEPO aka anon_4freedom group. The leak contained database and server information as well as a few accounts with passwords in clear text.
Type: Data Breach
Threat Actor: SEPO aka anon_4freedom group
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Data Compromised: Database information, Server information, Accounts with clear text passwords
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Database Information, Server Information, Accounts With Clear Text Passwords and .
Entity Name: Société Générale – Social Security Bank
Entity Type: Financial Institution
Industry: Banking
Location: Ghana
Type of Data Compromised: Database information, Server information, Accounts with clear text passwords
Last Attacking Group: The attacking group in the last incident was an SEPO aka anon_4freedom group.
Most Significant Data Compromised: The most significant data compromised in an incident were database information, server information, accounts with clear text passwords and .
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were accounts with clear text passwords, server information and database information.
.png)
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rapid