Comparison Overview

BILLA PLUS

VS

Leroy Merlin

BILLA PLUS

Industriezentrum NÖ-Süd, Straße 3, Objekt 16, Wiener Neudorf, Niederösterreich, AT, 2355
Last Update: 2026-04-03
View Profile
Between 750 and 799
http://www.billa.at

Seit mehr als 65 Jahren gehört BILLA einfach zu Österreich. Damals wie heute setzt sich BILLA für Lösungen ein mit dem Ziel, allen ein volleres Leben zu ermöglichen. Mit über 30.000 Mitarbeitenden, davon ca. 1.500 Lehrlinge, zählt BILLA zu einem der größten Arbeitgeber Österreichs. In unseren mehr als 1.200 BILLA und BILLA Plus Märkten und im BILLA Online Shop begeistern wir mit unseren Produkten in hervorragender Qualität und zu einem familienfreundlichen Preis. Unsere Mitarbeitenden machen unser Unternehmen zu einem der erfolgreichsten in unserem Land. So wird ein Umfeld geschaffen, das allen Mitarbeitenden optimale Arbeitsbedingungen, Chancengleichheit und Gestaltungsfreiraum bietet. Besonders am Herzen liegt uns die Vereinbarkeit von Beruf und Familie. Zahlreiche externe Auszeichnungen, darunter auch das Audit Beruf und Familie, bestätigen unseren erfolgreichen Weg. Vielfalt wird bei uns groß geschrieben - nicht nur bei unseren Aufgabengebieten und Karrierewegen, sondern auch in unseren Teams. Denn unser Unternehmen lebt und profitiert auf verschiedensten Ebenen von der Vielfalt unserer Mitarbeitenden. Handeln hat für uns nicht nur die Bedeutung, Waren zu verkaufen. Vielmehr verstehen wir darunter, anzupacken und durch unser gemeinsames Handeln unsere KundInnen zu begeistern. Wenn Sie die Sicherheit eines Konzerns genießen und dennoch über den Tellerrand schauen möchten, sind Sie bei uns genau richtig!

NAICS: 43
NAICS Definition: Retail Trade
Employees: 407
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
View Profile

Leroy Merlin

Rue Chanzy – Lezennes, Lille cedex 9, France, FR, 59712
Last Update: 2026-04-02
Between 750 and 799
https://www.adeo.com/en/adeo-in-the-world/

Leroy Merlin is a major player in the global DIY market. We help people around the world with all their home improvement projects, from renovations and extensions, to decoration and repairs... We offer a wide range of DIY solutions that cover plumbing, lighting, heating, electricity, sanitation, security, cooking, gardening and much more. At Leroy Merlin, we believe that people are at the heart of any business. This commitment, based on our Human First strategy, has allowed us to be regularly reward by the “Great Place to Work” Institute and "Top Employers" Institute in different countries. Adapting to local markets and promoting partnerships are key drivers for Leroy Merlin. We believe that it's only by building long-lasting relationships that we can create value for everyone: our customers, co-workers, suppliers, local markets and stakeholders.

NAICS: 43
NAICS Definition: Retail Trade
Employees: 67,353
Subsidiaries: 15
12-month incidents
0
Known data breaches
1
Attack type number
1

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/billaplus.jpeg
BILLA PLUS
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/leroy-merlin.jpeg
Leroy Merlin
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
BILLA PLUS
100%
Compliance Rate
0/4 Standards Verified
Leroy Merlin
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

No incidents recorded for BILLA PLUS in 2026.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Leroy Merlin in 2026.

Incident History — BILLA PLUS (X = Date, Y = Severity)

BILLA PLUS cyber incidents detection timeline including parent company and subsidiaries

Incident History — Leroy Merlin (X = Date, Y = Severity)

Leroy Merlin cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/billaplus.jpeg
BILLA PLUS
Incidents

No Incident

https://images.rankiteo.com/companyimages/leroy-merlin.jpeg
Leroy Merlin
Incidents

Date Detected: 12/2025
Type:Breach
Blog: Blog

FAQ

BILLA PLUS company demonstrates a stronger AI Cybersecurity Score compared to Leroy Merlin company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Leroy Merlin company has historically faced a number of disclosed cyber incidents, whereas BILLA PLUS company has not reported any.

In the current year, Leroy Merlin company and BILLA PLUS company have not reported any cyber incidents.

Neither Leroy Merlin company nor BILLA PLUS company has reported experiencing a ransomware attack publicly.

Leroy Merlin company has disclosed at least one data breach, while BILLA PLUS company has not reported such incidents publicly.

Neither Leroy Merlin company nor BILLA PLUS company has reported experiencing targeted cyberattacks publicly.

Neither BILLA PLUS company nor Leroy Merlin company has reported experiencing or disclosing vulnerabilities publicly.

Neither BILLA PLUS nor Leroy Merlin holds any compliance certifications.

Neither company holds any compliance certifications.

Leroy Merlin company has more subsidiaries worldwide compared to BILLA PLUS company.

Leroy Merlin company employs more people globally than BILLA PLUS company, reflecting its scale as a Retail.

Neither BILLA PLUS nor Leroy Merlin holds SOC 2 Type 1 certification.

Neither BILLA PLUS nor Leroy Merlin holds SOC 2 Type 2 certification.

Neither BILLA PLUS nor Leroy Merlin holds ISO 27001 certification.

Neither BILLA PLUS nor Leroy Merlin holds PCI DSS certification.

Neither BILLA PLUS nor Leroy Merlin holds HIPAA certification.

Neither BILLA PLUS nor Leroy Merlin holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
References
Description

PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
References
Description

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.

Published
Date
2026-04-03
Updated
Date
2026-04-03
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References