Comparison Overview

Ally

500 Woodward Ave, Detroit, MI, US, 48226

Last Update: 2026-04-01

Between 700 and 749

http://www.ally.com

Ally Financial Inc. (NYSE: ALLY) is a leading digital financial services company and a top 25 U.S. financial holding company offering financial products for consumers, businesses, automotive dealers and corporate clients. NMLS #3015 | #181005 | https://www.nmlsconsumeraccess.org/ Ally's legacy dates back to 1919, and the company was redesigned in 2009 with a distinctive brand, innovative approach and relentless focus on its customers. Ally has an award-winning online bank (Ally Bank, Member FDIC), one of the largest full service auto finance operations in the country, a complementary auto-focused insurance business, and a trusted corporate finance business offering capital for equity sponsors and middle-market companies. We extend equal employment opportunities to qualified applicants and employees on an equal basis regardless of an individual’s age, race, color, sex, religion, national origin, disability, sexual orientation, gender identity or expression, pregnancy status, marital status, military or veteran status, genetic disposition or any other reason protected by law.

NAICS: 52

NAICS Definition: Finance and Insurance

Employees: 15,070

Subsidiaries: 0

12-month incidents

1

Known data breaches

3

Attack type number

2

View Profile

Credicorp

Calle Centenario 154, Lima, Lima, PE, 12

Last Update: 2026-04-01

Between 750 and 799

https://www.grupocredicorp.com

Somos el grupo financiero líder en el Perú con una vasta experiencia en el mercado peruano. Contamos con una sólida plataforma de Banca Comercial reforzada por una importante presencia en Banca de Inversión en Latinoamérica destinada a desarrollar el potencial de la región y acompañar a nuestros clientes en su crecimiento. Ofrecemos un modelo de servicios financieros completo y diversificado en países como Perú, Bolivia, Estados Unidos, Panamá, Chile y Colombia; y desarrollamos operaciones esencialmente a través de nuestras seis principales subsidiarias: Banco de Crédito del Perú, BCP Bolivia, Mibanco, Pacífico Compañía de Seguros y Reaseguros, Prima AFP, Atlantic Security Bank y Credicorp Capital. El negocio de Credicorp se concentra principalmente en cuatro líneas de negocio: Banca Universal, Microfinanzas, Seguros y Pensiones, y Asesoría y Gestión de Inversiones.

NAICS: 52

NAICS Definition: Finance and Insurance

Employees: 41,713

Subsidiaries: 9

12-month incidents

0

Known data breaches

0

Attack type number

0

Ally

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Credicorp

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Financial Services Industry Average (This Year)

Ally has 50.5% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Financial Services Industry Average (This Year)

No incidents recorded for Credicorp in 2026.

Incident History — Ally (X = Date, Y = Severity)

Ally cyber incidents detection timeline including parent company and subsidiaries

Incident History — Credicorp (X = Date, Y = Severity)

Credicorp cyber incidents detection timeline including parent company and subsidiaries

Ally

Incidents

Date Detected: 3/2026

Type:Vulnerability

Attack Vector: URL parameter

Blog: Blog

Date Detected: 5/2023

Type:Breach

Attack Vector: Insider Wrongdoing

Blog: Blog

Date Detected: 2/2021

Type:Breach

Attack Vector: Programming Code Error

Blog: Blog

Credicorp

Incidents

No Incident

Credicorp company demonstrates a stronger AI Cybersecurity Score compared to Ally company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Ally company has historically faced a number of disclosed cyber incidents, whereas Credicorp company has not reported any.

In the current year, Ally company has reported more cyber incidents than Credicorp company.

Neither Credicorp company nor Ally company has reported experiencing a ransomware attack publicly.

Ally company has disclosed at least one data breach, while the other Credicorp company has not reported such incidents publicly.

Neither Credicorp company nor Ally company has reported experiencing targeted cyberattacks publicly.

Ally company has disclosed at least one vulnerability, while Credicorp company has not reported such incidents publicly.

Neither Ally nor Credicorp holds any compliance certifications.

Neither company holds any compliance certifications.

Credicorp company has more subsidiaries worldwide compared to Ally company.

Credicorp company employs more people globally than Ally company, reflecting its scale as a Financial Services.

Neither Ally nor Credicorp holds SOC 2 Type 1 certification.

Neither Ally nor Credicorp holds SOC 2 Type 2 certification.

Neither Ally nor Credicorp holds ISO 27001 certification.

Neither Ally nor Credicorp holds PCI DSS certification.

Neither Ally nor Credicorp holds HIPAA certification.

Neither Ally nor Credicorp holds GDPR certification.

Description

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss2

Base: 5.0

Severity: LOW

AV:N/AC:L/Au:N/C:N/I:N/A:P

cvss3

Base: 4.3

Severity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

cvss4

Base: 5.3

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Description

V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.

Published

Date

2026-04-01

Updated

Date

2026-04-01

Risk Information

cvss3

Base: 7.8

Severity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

cvss4

Base: 8.4

Severity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Ally

VS

Credicorp

Ally

Credicorp

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — Ally (X = Date, Y = Severity)

Incident History — Credicorp (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2026-5314

Risk Information

CVE-2026-32929

Risk Information

CVE-2026-32928

Risk Information

CVE-2026-32927

Risk Information

CVE-2026-32926

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Ally

VS

Credicorp

Ally

Credicorp

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Financial Services Industry Average (This Year)

Incidents vs Financial Services Industry Average (This Year)

Incident History — Ally (X = Date, Y = Severity)

Incident History — Credicorp (X = Date, Y = Severity)

Notable Incidents

🔒 Incident : Vulnerability ALL1773383462

🔒 Incident : Breach ALL944072625

🔒 Incident : Breach ALL932072825

No Incident

FAQ

Between Ally company and Credicorp company, which one has the best AI Cybersecurity Score ?

Between Ally company and Credicorp company, which one has experienced more cyber incidents in the past ?

Between Ally company and Credicorp company, which one has experienced more cyber incidents this year ?

Between Ally company and Credicorp company, which one has experienced at least one ransomware attack ?

Between Ally company and Credicorp company, which one has experienced at least one data breach ?

Between Ally company and Credicorp company, which one has experienced at least one targeted cyberattack ?

Between Ally company and Credicorp company, which one has experienced at least one vulnerability ?

Between Ally company and Credicorp company, which one holds the most compliance certifications ?

Between Ally company and Credicorp company, which one holds the fewest compliance certifications ?

Between Ally company and Credicorp company, which one has the most subsidiaries ?

Between Ally company and Credicorp company, which one has the largest number of employees ?

Between Ally and Credicorp, which company holds both SOC 2 Type 1 certifications ?

Between Ally and Credicorp, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Ally or Credicorp ?

Which company is PCI DSS compliant — Ally or Credicorp ?

Between Ally and Credicorp, which company complies with HIPAA regulations for healthcare data ?

Between Ally and Credicorp, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2026-5314

Risk Information

CVE-2026-32929

Risk Information

CVE-2026-32928

Risk Information

CVE-2026-32927

Risk Information

CVE-2026-32926

Risk Information