CME
Company Details
Linkedin ID:
california-medical-evaluators-inc-
Website:
Employees number:
61
Number of followers:
1,124
NAICS:
5411
Industry Type:
Homepage:
calmedeval.com
IP Addresses:
0
Company ID:
CAL_6540480
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
California Medical Evaluators Vendor Cyber Rating & Cyber Score
calmedeval.comCalifornia Medical Evaluators is a doctor-owned management company focused on serving the medical and legal communities. While providing full-service administration of physicians’ medical-legal practices, CME also strategizes with law firms, attorneys and insurers to find the best possible medical expert for any matter. CME's services include: Workers' Compensation Evaluations (QME/AME) Independent Medical Evaluations Expert Witness Engagements Disability Evaluations Medical Records Review
California Medical Evaluators A.I CyberSecurity Scoring
CME Risk Score (AI oriented)Between 550 and 599
CME
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CME Global Score (TPRM)XXXX
CME
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CME Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
California public school system: Phobos ransomware leader facing 20 years in prison after pleading guilty to hacking charges
Ransomware
Rankiteo Explanation
Attack threatening the organization's existence
Description: Russian National Pleads Guilty in Phobos Ransomware Scheme, Faces 20-Year Sentence A 43-year-old Russian national, Evgenii Ptitsyn, pleaded guilty to wire fraud charges on Wednesday for his role as a key figure in the Phobos ransomware operation. Ptitsyn, the primary developer behind the ransomware, faces up to 20 years in prison and is scheduled for sentencing on July 15. Ptitsyn and his associates launched the Phobos ransomware campaign in November 2020, targeting over 1,000 organizations worldwide. He was arrested in South Korea and extradited to the U.S. in November 2024. According to prosecutors, Ptitsyn marketed the ransomware on cybercriminal forums, managed the gang’s darknet site for selling stolen data, and took a percentage of ransom payments from affiliates who carried out attacks. Among the victims were the California public school system, which paid a $300,000 ransom in 2023, as well as multiple healthcare organizations and businesses. U.S. authorities estimate that Phobos and its related strain, 8Base, extorted over $16 million from victims globally since 2019. Law enforcement in the U.S. and Europe have dismantled parts of the group over the past two years, including recent arrests in Poland and Thailand. In July 2024, Japanese officials released a free decryption tool to help organizations recover from Phobos attacks.
CME Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CME
Incidents vs Legal Services Industry Average (This Year)
No incidents recorded for California Medical Evaluators in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for California Medical Evaluators in 2026.
Incident Types CME vs Legal Services Industry Avg (This Year)
No incidents recorded for California Medical Evaluators in 2026.
Incident History — CME (X = Date, Y = Severity)
CME cyber incidents detection timeline including parent company and subsidiaries
CME Company Subsidiaries
California Medical Evaluators is a doctor-owned management company focused on serving the medical and legal communities. While providing full-service administration of physicians’ medical-legal practices, CME also strategizes with law firms, attorneys and insurers to find the best possible medical expert for any matter. CME's services include: Workers' Compensation Evaluations (QME/AME) Independent Medical Evaluations Expert Witness Engagements Disability Evaluations Medical Records Review
Loading...
CME Similar Companies
Smith Knowles Attorneys
Established in 1990, Smith Knowles provides transactional and litigation counseling, services and representation to businesses and to individuals. We have developed the resources and experience necessary to effectively provide legal services in general litigation, real estate-construction, commercia
McCarthy, Leonard and Kaemmerer, L.C.
Founded in 1984, McCarthy, Leonard & Kaemmerer L.C. provides experienced and efficient legal representation both in general practice areas and in specialized areas of the law. The firm represents management in labor and employment law and practices in the areas of insurance, products liability, envi
Murphy Sanchez PLLC
Murphy Sanchez is a national law firm with offices in New York, New Jersey, Pennsylvania, Delaware, Maryland (also serving Washington, DC), and California. As a women-owned firm, Murphy Sanchez has been designed from the ground up to provide to its clients the best legal services available and empo
Office of the Public Defender Maryland
The mission of the Office of the Public Defender (OPD) is to provide superior legal representation to indigent defendants in the State of Maryland by safeguarding fundamental individual rights and ensuring access to the guaranteed protections afforded by the United States Constitution, the Bill of R
The Mediation Experts
I am a lawyer and mediator with over 30 years experience and have conducted over 2000 mediations and 200 arbitrations. I am a nationally registered mediator and certified as a Federal Dispute Resolution Practitioner. I coach, teach and conduct workshops and seminars about mediations. Specialties:
At The Barrister Group, we’re redefining what a modern chambers looks like. As one of the largest barristers’ chambers in England & Wales, we combine nationwide court coverage with the flexibility of a tech-driven, online booking system. Our barristers and mediators cover 84 areas of law, from busi
SCL Nishimura & Asahi Limited
Nishimura & Asahi has five offices in Japan, as well as offices in Bangkok, Shanghai, Dubai, Frankfurt/Düsseldorf, Hanoi, Ho Chi Minh City, Jakarta, Kuala Lumpur, Manila, New York, Singapore, Taipei, and Yangon. We opened Bangkok office in 2013, under the name Nishimura & Asahi (Thailand) Co., Ltd
Join the Claim
At Join the Claim, we unite eligible claimants and law firms, significantly increasing qualified sign-ups for your group actions. A matchmaker for justice, if you need potential claimants for your group claims, we’ll find them. A passionate crew of digital specialists, combined we’ve spent over
Investor Choice Advocates Network
ICAN is a nonprofit public interest litigation organization dedicated to breaking down barriers to entry to capital markets and pushing back against the overreach of the Securities and Exchange Commission (SEC), serving as a legal advocate and voice for small investors and entrepreneurs whose effort
.png)
CME CyberSecurity News
June 20, 2025 07:00 AM
What Trucking Fleets Need to Know About Changes to Driver Medical Card Process
After years of delays, the process of sending commercial driver medical cards to state licensing agencies is finally going digital — except...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CME CyberSecurity History Information
Official Website of California Medical Evaluators
The official website of California Medical Evaluators is https://calmedeval.com/.
California Medical Evaluators’s AI-Generated Cybersecurity Score
According to Rankiteo, California Medical Evaluators’s AI-generated cybersecurity score is 565, reflecting their Very Poor security posture.
How many security badges does California Medical Evaluators’ have ?
According to Rankiteo, California Medical Evaluators currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has California Medical Evaluators been affected by any supply chain cyber incidents ?
According to Rankiteo, California Medical Evaluators has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does California Medical Evaluators have SOC 2 Type 1 certification ?
According to Rankiteo, California Medical Evaluators is not certified under SOC 2 Type 1.
Does California Medical Evaluators have SOC 2 Type 2 certification ?
According to Rankiteo, California Medical Evaluators does not hold a SOC 2 Type 2 certification.
Does California Medical Evaluators comply with GDPR ?
According to Rankiteo, California Medical Evaluators is not listed as GDPR compliant.
Does California Medical Evaluators have PCI DSS certification ?
According to Rankiteo, California Medical Evaluators does not currently maintain PCI DSS compliance.
Does California Medical Evaluators comply with HIPAA ?
According to Rankiteo, California Medical Evaluators is not compliant with HIPAA regulations.
Does California Medical Evaluators have ISO 27001 certification ?
According to Rankiteo,California Medical Evaluators is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of California Medical Evaluators
California Medical Evaluators operates primarily in the Legal Services industry.
Number of Employees at California Medical Evaluators
California Medical Evaluators employs approximately 61 people worldwide.
Subsidiaries Owned by California Medical Evaluators
California Medical Evaluators presently has no subsidiaries across any sectors.
California Medical Evaluators’s LinkedIn Followers
California Medical Evaluators’s official LinkedIn profile has approximately 1,124 followers.
NAICS Classification of California Medical Evaluators
California Medical Evaluators is classified under the NAICS code 5411, which corresponds to Legal Services.
California Medical Evaluators’s Presence on Crunchbase
Yes, California Medical Evaluators has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/california-medical-evaluators.
California Medical Evaluators’s Presence on LinkedIn
Yes, California Medical Evaluators maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/california-medical-evaluators-inc-.
Cybersecurity Incidents Involving California Medical Evaluators
As of April 03, 2026, Rankiteo reports that California Medical Evaluators has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
California Medical Evaluators has an estimated 7,769 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at California Medical Evaluators ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
What was the total financial impact of these incidents on California Medical Evaluators ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $16 million.
How does California Medical Evaluators detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an law enforcement notified with yes (u.s. and european authorities), and remediation measures with free decryption tool released by japanese officials (july 2024)..
Incident Details
Can you provide details on each incident ?
Title: Russian National Pleads Guilty in Phobos Ransomware Scheme
Description: A 43-year-old Russian national, Evgenii Ptitsyn, pleaded guilty to wire fraud charges for his role as a key figure in the Phobos ransomware operation. Ptitsyn, the primary developer behind the ransomware, faces up to 20 years in prison. The Phobos ransomware campaign targeted over 1,000 organizations worldwide since November 2020.
Type: Ransomware
Attack Vector: Cybercriminal forums, darknet site for selling stolen data
Threat Actor: Evgenii Ptitsyn and associates
Motivation: Financial gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware CAL1772735084
Financial Loss: $16 million (estimated total extorted)
Data Compromised: Stolen data sold on darknet
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $16.00 million.
Which entities were affected by each incident ?
Incident : Ransomware CAL1772735084
Entity Name: California public school system
Entity Type: Educational institution
Industry: Education
Location: California, USA
Incident : Ransomware CAL1772735084
Entity Type: Businesses
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware CAL1772735084
Law Enforcement Notified: Yes (U.S. and European authorities)
Remediation Measures: Free decryption tool released by Japanese officials (July 2024)
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware CAL1772735084
Data Exfiltration: Yes (data sold on darknet)
Data Encryption: Yes (ransomware encryption)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Free decryption tool released by Japanese officials (July 2024).
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware CAL1772735084
Ransom Paid: $300,000 (California public school system)
Ransomware Strain: Phobos, 8Base
Data Encryption: Yes
Data Exfiltration: Yes
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware CAL1772735084
Legal Actions: Wire fraud charges (U.S.)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Wire fraud charges (U.S.).
References
Where can I find more information about each incident ?
Incident : Ransomware CAL1772735084
Source: U.S. Department of Justice
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: U.S. Department of Justice.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Ransomware CAL1772735084
Investigation Status: Ongoing (parts of the group dismantled)
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Evgenii Ptitsyn and associates.
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was $16 million (estimated total extorted).
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Stolen data sold on darknet.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Stolen data sold on darknet.
Ransomware Information
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was $300,000 (California public school system).
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Wire fraud charges (U.S.).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is U.S. Department of Justice.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (parts of the group dismantled).
.png)
Latest Global CVEs (Not Company-Specific)
Description
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
Description
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
Description
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=california-medical-evaluators-inc-' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
