UOB
Company Details
Linkedin ID:
uob
Website:
Employees number:
28,225
Number of followers:
673,088
NAICS:
52211
Industry Type:
Homepage:
uobgroup.com
IP Addresses:
0
Company ID:
UOB_1467131
Scan Status:
In-progress
UOB Company CyberSecurity Posture
uobgroup.com
We’re here to do Right By You. At UOB, we aspire to build a better future for the people and businesses in the region. Through our extensive network and suite of capabilities, we offer financial solutions to the people and businesses within, and connecting with ASEAN. We create solutions tailored to your unique needs through data and relationship-led insights. Our comprehensive regional network and one-bank approach connects your business to new opportunities in ASEAN. We help businesses to advance responsibly and guide personal wealth to grow sustainably. We foster inclusiveness and environmental well-being for stronger societies. This is how we stay committed to forging a sustainable future for generations to come. Note: For the terms of use of our LinkedIn channel, please visit: https://go.uob.com/socialmedia
UOB A.I CyberSecurity Scoring
UOB Risk Score (AI oriented)Between 750 and 799
UOB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UOB Global Score (TPRM)XXXX
UOB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UOB Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
UOB
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: UOB has announced that the personal details of 1166 customers have been disclosed by an employee as a result of an impersonation scam. The compromised information includes customers' names, identification, mobile numbers, and account balances. However, according to UOB, bank account numbers were not revealed, and its IT systems are still safe. The employee has been suspended and is also assisting the police in investigations.
UOB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UOB
Incidents vs Banking Industry Average (This Year)
No incidents recorded for UOB in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for UOB in 2025.
Incident Types UOB vs Banking Industry Avg (This Year)
No incidents recorded for UOB in 2025.
Incident History — UOB (X = Date, Y = Severity)
UOB cyber incidents detection timeline including parent company and subsidiaries
UOB Company Subsidiaries
We’re here to do Right By You. At UOB, we aspire to build a better future for the people and businesses in the region. Through our extensive network and suite of capabilities, we offer financial solutions to the people and businesses within, and connecting with ASEAN. We create solutions tailored to your unique needs through data and relationship-led insights. Our comprehensive regional network and one-bank approach connects your business to new opportunities in ASEAN. We help businesses to advance responsibly and guide personal wealth to grow sustainably. We foster inclusiveness and environmental well-being for stronger societies. This is how we stay committed to forging a sustainable future for generations to come. Note: For the terms of use of our LinkedIn channel, please visit: https://go.uob.com/socialmedia
Loading...
UOB Similar Companies
Bank of Communications Co., Ltd. London Branch
Founded in 1908, Bank of Communications Co., Ltd. ("the Bank") is one of the oldest banks in China as well as one of the note-issuing banks in modern China. The Bank was listed on the Hong Kong Stock Exchange in June 2005 and on the Shanghai Stock Exchange in May 2007. The Bank currently has 18
Commercial International Bank was established in 1975 as a joint venture between the National Bank of Egypt (NBE, 51%) and the Chase Manhattan Bank (49%) under the name "Chase National Bank of Egypt”. Following Chase's decision to divest its equity stake in 1987, NBE increased its shareholding to 99
PT Bank Mandiri (Persero) Tbk.
Bank Mandiri was established on 2 October 1998, as part of the bank restructuring program of the Government of Indonesia. In July 1999, four state-owned banks - Bank Bumi Daya, Bank Dagang Negara, Bank Exim and Bapindo - were amalgamated into Bank Mandiri. The history of these four banks can be trac
Central Bank of India
Welcome to the official LinkedIn page of Central Bank of India. Central Bank of India offers a wide range of products and services for every segment. Please join us to know more about our best products & services, attractive offers and the latest updates. We invite & value your active participatio
HDFC Bank is India's largest private sector bank, offering a comprehensive range of financial products and services to our customer base of over 92 million. Our extensive distribution network of 8,919 branches and 21,031 ATMs across 3,836 cities and towns as of August 2024, reaches every corner of t
We are a universal bank with a 200-year history of supporting and growing the Nordic economies – enabling dreams and aspirations for a greater good. Every day, we work to support our customers’ financial development, delivering best-in-class omnichannel customer experiences and driving sustainable c
Banco Sabadell es el cuarto grupo bancario privado español, integrado por diferentes bancos, marcas, sociedades filiales y sociedades participadas que abarcan todos los ámbitos del negocio financiero bajo un denominador común: profesionalidad y calidad. Un equipo humano joven y bien preparado, do
MCB Bank Limited
Welcome to the Official LinkedIn page of MCB Bank Limited. Established in 1947, MCB Bank Limited is one of the largest Banks in Pakistan with a total customer base exceeding 7 million. We have products and services to suit the every need of customers. To learn more about MCB Bank, please visit our w
Crédit Agricole Italia
Crédit Agricole Italia fa parte del grande Gruppo internazionale Crédit Agricole: un gruppo bancario tra i più solidi nel panorama internazionale e presente in 46 Paesi del mondo, con 53 milioni di Clienti. Il Gruppo Crédit Agricole in Italia conta 6 milioni di Clienti attivi e circa 16.200 collabor
.png)
UOB CyberSecurity News
November 20, 2025 08:00 AM
UOB strengthens regional cyber resilience amid rising ecosystem risks
As ASEAN's financial systems become increasingly interconnected, UOB's group CISO Tobias Gondrom explains how the bank is strengthening...
October 16, 2025 07:00 AM
Ex-UOB Employee Convicted: Leaked Data of 1,000 Customers to Fake Chinese Police
Singapore court finds former bank officer guilty of illegally sharing client data with overseas scammers. A former United Overseas Bank...
October 06, 2025 07:00 AM
Bahrain participates in GCC–EU Cyber Diplomatic Dialogue
Riyadh, Oct. 6 (BNA): The Kingdom of Bahrain, represented by the National Cyber Security Centre (NCSC), University of Bahrain (UoB),...
September 29, 2025 07:00 AM
MAS and banks trial quantum security for finance
The Monetary Authority of Singapore (MAS), together with DBS, HSBC, OCBC, UOB, SPTel and SpeQtral, has completed a proof-of-concept sandbox...
June 10, 2025 07:00 AM
USD price likely to hit record high of VND26,300 in Q3, drop to VND26,100 in Q4: UOB
Singaporean bank UOB on Monday said its updated forecasts on the USD/VND exchange rate are VND26,300 per USD in Q3/2025; 26100 in Q4/2025;...
April 15, 2025 07:00 AM
Malaysian semiconductor stocks fall amid US probes, software firms steady
Malaysia's technology sector turned lower on Tuesday as the US announced investigations into imports of semiconductors, setting the stage...
March 12, 2025 09:30 AM
Tech talent hunt continues despite layoffs as firms deepen digitalisation
Tech jobs in artificial intelligence (AI) and machine learning engineering, cloud architecture, cyber-security analysis and software creation are increasingly...
March 03, 2025 08:00 AM
Bank staff trained to spot ‘red flags’ prevent RM12.4mil in fraudulent transfers
When a customer requested to withdraw RM2.8mil from his account to be transferred to a company for investment, an alert bank staff sensed...
February 23, 2025 08:00 AM
Under patronage of HH Shaikh Nasser bin Hamad Al Khalifa, first Cybersecurity Guardians Hackathon concludes under theme "Security Innovators"
The ceremony recognised top teams, with Al Naseem International School winning first place, Bahrain Polytechnic securing second, and UoB finishing third.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UOB CyberSecurity History Information
Official Website of UOB
The official website of UOB is http://www.uobgroup.com/.
UOB’s AI-Generated Cybersecurity Score
According to Rankiteo, UOB’s AI-generated cybersecurity score is 795, reflecting their Fair security posture.
How many security badges does UOB’ have ?
According to Rankiteo, UOB currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does UOB have SOC 2 Type 1 certification ?
According to Rankiteo, UOB is not certified under SOC 2 Type 1.
Does UOB have SOC 2 Type 2 certification ?
According to Rankiteo, UOB does not hold a SOC 2 Type 2 certification.
Does UOB comply with GDPR ?
According to Rankiteo, UOB is not listed as GDPR compliant.
Does UOB have PCI DSS certification ?
According to Rankiteo, UOB does not currently maintain PCI DSS compliance.
Does UOB comply with HIPAA ?
According to Rankiteo, UOB is not compliant with HIPAA regulations.
Does UOB have ISO 27001 certification ?
According to Rankiteo,UOB is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of UOB
UOB operates primarily in the Banking industry.
Number of Employees at UOB
UOB employs approximately 28,225 people worldwide.
Subsidiaries Owned by UOB
UOB presently has no subsidiaries across any sectors.
UOB’s LinkedIn Followers
UOB’s official LinkedIn profile has approximately 673,088 followers.
NAICS Classification of UOB
UOB is classified under the NAICS code 52211, which corresponds to Commercial Banking.
UOB’s Presence on Crunchbase
No, UOB does not have a profile on Crunchbase.
UOB’s Presence on LinkedIn
Yes, UOB maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/uob.
Cybersecurity Incidents Involving UOB
As of December 11, 2025, Rankiteo reports that UOB has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
UOB has an estimated 6,988 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at UOB ?
Incident Types: The types of cybersecurity incidents that have occurred include Data Leak.
Incident Details
Can you provide details on each incident ?
Title: UOB Data Breach due to Impersonation Scam
Description: UOB has announced that the personal details of 1166 customers have been disclosed by an employee as a result of an impersonation scam. The compromised information includes customers' names, identification, mobile numbers, and account balances. However, bank account numbers were not revealed, and its IT systems are still safe. The employee has been suspended and is also assisting the police in investigations.
Type: Data Breach
Attack Vector: Impersonation Scam
Threat Actor: Internal Employee
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Data Leak.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach UOB12542123
Data Compromised: Names, Identification, Mobile numbers, Account balances
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information and .
Which entities were affected by each incident ?
Incident : Data Breach UOB12542123
Entity Name: UOB
Entity Type: Bank
Industry: Finance
Customers Affected: 1166
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach UOB12542123
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach UOB12542123
Type of Data Compromised: Personal information
Number of Records Exposed: 1166
Sensitivity of Data: High
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach UOB12542123
Investigation Status: Ongoing
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Internal Employee.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, identification, mobile numbers, account balances and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were names, mobile numbers, identification and account balances.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 122.0.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
.png)
Latest Global CVEs (Not Company-Specific)
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions prior to 16.0.96 and 17.0.1 through 17.0.9 have a weak default password. By default, this is a 6 digit numeric value which can be brute forced. (This is the app_password parameter). Depending on local configuration, this password could be the extension, voicemail, user manager, DPMA or EPM phone admin password. This issue is fixed in versions 16.0.96 and 17.0.10.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. In versions 2.8.11 and below, the MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions. This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions). Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges are impacted. This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 9.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
Description
Neuron is a PHP framework for creating and orchestrating AI Agents. Versions 2.8.11 and below use MySQLSelectTool, which is vulnerable to Read-Only Bypass. MySQLSelectTool is intended to be a read-only SQL tool (e.g., for LLM agent querying, however, validation based on the first keyword (e.g., SELECT) and a forbidden-keyword list does not block file-writing constructs such as INTO OUTFILE / INTO DUMPFILE. As a result, an attacker who can influence the tool input (e.g., via prompt injection through a public agent endpoint) may write arbitrary files to the DB server if the MySQL/MariaDB account has the FILE privilege and server configuration permits writes to a useful location (e.g., a web-accessible directory). This issue is fixed in version 2.8.12.
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Description
Okta Java Management SDK facilitates interactions with the Okta management API. In versions 11.0.0 through 20.0.0, race conditions may arise from concurrent requests using the ApiClient class. This could cause a status code or response header from one request’s response to influence another request’s response. This issue is fixed in version 20.0.1.
Risk Information
cvss3
Base: 8.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L
Description
The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. When using versions 4.11.0 through 4.11.2 and 4.12.0, simultaneous requests on the same client may result in improper lookups in the TokenRequestCache for the request results. This issue is fixed in versions 4.11.2 and 4.12.1.
Risk Information
cvss3
Base: 5.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=uob' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
