UMMS
Company Details
Linkedin ID:
ummedicalsystem
Website:
Employees number:
11,262
Number of followers:
93,024
NAICS:
62
Industry Type:
Homepage:
umms.org
IP Addresses:
0
Company ID:
UNI_2137751
Scan Status:
In-progress
University of Maryland Medical System Company CyberSecurity Posture
umms.org
The University of Maryland Medical System (UMMS) was created in 1984 when the state-owned University Hospital became a private, nonprofit organization. It has evolved into a multi-hospital system with academic, community and specialty service missions reaching every part of the state and beyond. UMMS is a national and regional referral center for trauma, cancer care, neurocare, cardiac care, women's and children's health and physical rehabilitation. It also has one of the world's largest kidney transplant programs, as well as scores of other programs that improve the physical and mental health of thousands of people daily. The hospitals and health systems that comprise UMMS are: University of Maryland Medical Center University of Maryland Medical Center Midtown Campus UM Rehabilitation and Orthopaedic Institute UM Baltimore Washington Medical Center UM Capital Region Health UM Charles Regional Medical Center UM St. Joseph Medical Center UM Upper Chesapeake Health UM Shore Regional Health Mt. Washington Pediatric Hospital UM Community Medical Group
University of Maryland Medical System A.I CyberSecurity Scoring
UMMS Risk Score (AI oriented)Between 750 and 799
UMMS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UMMS Global Score (TPRM)XXXX
UMMS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UMMS Company CyberSecurity News & History
Past Incidents
0
Attack Types
0
No data available
UMMS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UMMS
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for University of Maryland Medical System in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for University of Maryland Medical System in 2025.
Incident Types UMMS vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for University of Maryland Medical System in 2025.
Incident History — UMMS (X = Date, Y = Severity)
UMMS cyber incidents detection timeline including parent company and subsidiaries
UMMS Company Subsidiaries
The University of Maryland Medical System (UMMS) was created in 1984 when the state-owned University Hospital became a private, nonprofit organization. It has evolved into a multi-hospital system with academic, community and specialty service missions reaching every part of the state and beyond. UMMS is a national and regional referral center for trauma, cancer care, neurocare, cardiac care, women's and children's health and physical rehabilitation. It also has one of the world's largest kidney transplant programs, as well as scores of other programs that improve the physical and mental health of thousands of people daily. The hospitals and health systems that comprise UMMS are: University of Maryland Medical Center University of Maryland Medical Center Midtown Campus UM Rehabilitation and Orthopaedic Institute UM Baltimore Washington Medical Center UM Capital Region Health UM Charles Regional Medical Center UM St. Joseph Medical Center UM Upper Chesapeake Health UM Shore Regional Health Mt. Washington Pediatric Hospital UM Community Medical Group
Loading...
UMMS Similar Companies
Cleveland Clinic, located in Cleveland, Ohio, is a not-for-profit, multispecialty academic medical center that integrates clinical and hospital care with research and education. Founded in 1921 by four renowned physicians with a vision of providing outstanding patient care based upon the principl
Mayo Clinic has expanded and changed in many ways, but our values remain true to the vision of our founders. Our primary value – The needs of the patient come first – guides our plans and decisions as we create the future of health care. Join us and you'll find a culture of teamwork, professionalism
Owens & Minor
Owens & Minor, Inc. (NYSE: OMI) is a Fortune 500 global healthcare solutions company providing essential products and services that support care from the hospital to the home. For over 100 years, Owens & Minor and its affiliated brands, Apria® , Byram®, and HALYARD*, have helped to make each day be
Region Hovedstaden
Det handler om liv. Om at bringe liv til verden og skabe livskvalitet. Om at redde liv og forbedre liv. Som medarbejder i Region Hovedstaden træder du ind i en verden af muligheder og mangfoldighed med plads til dine ambitioner. Du er en del af et stærkt fagligt miljø, hvor vi har fingeren på pulsen
Access Healthcare provides business process outsourcing, application services, and robotic process automation tools to hospitals, health systems, providers, payers, and related service providers. We operate from 20 delivery centers across nine cities in the US, India, and the Philippines, and our 2
St. Luke's Health System
As the only Idaho-based, not-for-profit health system, St. Luke’s Health System is dedicated to our mission “To improve the health of people in the communities we serve.” Today that means not only treating you when you’re sick or hurt, but doing everything we can to help you be as healthy as possibl
Beth Israel Deaconess Medical Center
Beth Israel Deaconess Medical Center (BIDMC) is part of Beth Israel Lahey Health, a new health care system that brings together academic medical centers and teaching hospitals, community and specialty hospitals, more than 4,000 physicians and 35,000 employees in a shared mission to expand access to
Omega Healthcare Management Services
Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) empowers healthcare to thrive via intelligent solutions that optimize revenue cycle operations, administrative workflows, care coordination, and clinical research on a global scale. The company works with providers, payers, li
NYC Health + Hospitals is the nation’s largest public health care delivery system. We are an integrated network of hospitals, trauma centers, neighborhood health centers, nursing homes, and post-acute care centers. We are a home care agency and a health plan, MetroPlus. The health system provides es
.png)
UMMS CyberSecurity News
October 26, 2025 07:00 AM
Healthcare Data Breach Statistics
In 2023, 725 data breaches were reported to OCR and across those breaches, more than 133 million records were exposed or impermissibly disclosed.
October 22, 2025 07:00 AM
How the government shutdown could impact hospital cybersecurity
With skeletal staffs at the nation's cyberdefense agency and some resources on hold, hospitals could be at greater risk of a breach.
September 30, 2025 04:24 PM
What’s It Like for Father-Son Cardiologists to Work in the Same Hospital?
The answer—from Drs. Stephen and Jeremy Pollock of the University of Maryland St. Joseph Medical Center—might surprise you.
August 25, 2025 07:00 AM
University of Maryland, Baltimore’s Center for Health and Homeland Security Becomes the Center for Cyber, Health, and Hazard Strategies (CHHS)
Baltimore, Md. — The University of Maryland, Baltimore (UMB) has announced that its long-standing Center for Health and Homeland Security...
August 22, 2025 07:00 AM
Seventh woman sues Maryland hospital system over pharmacist’s alleged voyeurism
At least seven women have accused former University of Maryland Medical System pharmacist Matthew Bathula of a...
August 22, 2025 07:00 AM
University of Maryland Medical Center pharmacist’s alleged cyber-spying of female colleagues leads to another lawsuit
Seven women say private photos of them breastfeeding or pumping breastmilk were hacked by a University of Maryland hospital pharmacist.
July 21, 2025 07:00 AM
Hackensack Meridian Health Names Dr. Joel Klein, Renowned Physician and Technology Executive, as Chief Digital Information Officer | Newswise
Joel will spearhead HMH's digital transformation, overseeing all technology infrastructure, applications, and cybersecurity.
July 15, 2025 07:00 AM
MACoCon Solutions Showcase Features Leaders in Cyber Security, Surplus Auctions, and Benefits Management
Join us to hear from industry experts and thought leaders on topics like AI in cloud computing, digital connectivity, benefits management, and more!
July 13, 2025 07:00 AM
Wikipedia’s List Of The Largest Data Breaches Globally Since 2004
Compilation of cyberattacks by organization type and number of records compromised.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UMMS CyberSecurity History Information
Official Website of University of Maryland Medical System
The official website of University of Maryland Medical System is http://www.umms.org.
University of Maryland Medical System’s AI-Generated Cybersecurity Score
According to Rankiteo, University of Maryland Medical System’s AI-generated cybersecurity score is 781, reflecting their Fair security posture.
How many security badges does University of Maryland Medical System’ have ?
According to Rankiteo, University of Maryland Medical System currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does University of Maryland Medical System have SOC 2 Type 1 certification ?
According to Rankiteo, University of Maryland Medical System is not certified under SOC 2 Type 1.
Does University of Maryland Medical System have SOC 2 Type 2 certification ?
According to Rankiteo, University of Maryland Medical System does not hold a SOC 2 Type 2 certification.
Does University of Maryland Medical System comply with GDPR ?
According to Rankiteo, University of Maryland Medical System is not listed as GDPR compliant.
Does University of Maryland Medical System have PCI DSS certification ?
According to Rankiteo, University of Maryland Medical System does not currently maintain PCI DSS compliance.
Does University of Maryland Medical System comply with HIPAA ?
According to Rankiteo, University of Maryland Medical System is not compliant with HIPAA regulations.
Does University of Maryland Medical System have ISO 27001 certification ?
According to Rankiteo,University of Maryland Medical System is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of University of Maryland Medical System
University of Maryland Medical System operates primarily in the Hospitals and Health Care industry.
Number of Employees at University of Maryland Medical System
University of Maryland Medical System employs approximately 11,262 people worldwide.
Subsidiaries Owned by University of Maryland Medical System
University of Maryland Medical System presently has no subsidiaries across any sectors.
University of Maryland Medical System’s LinkedIn Followers
University of Maryland Medical System’s official LinkedIn profile has approximately 93,024 followers.
NAICS Classification of University of Maryland Medical System
University of Maryland Medical System is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
University of Maryland Medical System’s Presence on Crunchbase
No, University of Maryland Medical System does not have a profile on Crunchbase.
University of Maryland Medical System’s Presence on LinkedIn
Yes, University of Maryland Medical System maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/ummedicalsystem.
Cybersecurity Incidents Involving University of Maryland Medical System
As of December 11, 2025, Rankiteo reports that University of Maryland Medical System has not experienced any cybersecurity incidents.
Number of Peer and Competitor Companies
University of Maryland Medical System has an estimated 30,929 peer or competitor companies worldwide.
University of Maryland Medical System CyberSecurity History Information
How many cyber incidents has University of Maryland Medical System faced ?
Total Incidents: According to Rankiteo, University of Maryland Medical System has faced 0 incidents in the past.
What types of cybersecurity incidents have occurred at University of Maryland Medical System ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Incident Details
What are the most common types of attacks the company has faced ?
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=ummedicalsystem' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
