CenturyLink
Company Details
Linkedin ID:
centurylink
Website:
Employees number:
24,214
Number of followers:
230,947
NAICS:
5415
Industry Type:
Homepage:
centurylink.com
IP Addresses:
0
Company ID:
CEN_2031114
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
CenturyLink Vendor Cyber Rating & Cyber Score
centurylink.comCenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience. Learn more at http://news.centurylink.com/.
CenturyLink A.I CyberSecurity Scoring
CenturyLink Risk Score (AI oriented)Between 750 and 799
CenturyLink
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CenturyLink Global Score (TPRM)XXXX
CenturyLink
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CenturyLink Company CyberSecurity News & History
Past Incidents
3
Attack Types
3
lumentechnologies
Ransomware
Rankiteo Explanation
Attack limited on finance or reputation
Description: Lumen Technologies, a leading provider of telecommunications services, identified two cybersecurity issues, including a ransomware attack. One of the events involved a ransomware attack on a small number of its servers that operate a segmented hosting service. The corporation simply acknowledged that the issue "is currently impairing the operations of a small number of the Company's enterprise customers." It gave no further information regarding the family of ransomware that infected its systems. Lumen developed improved security software following the ransomware attack's detection, which enabled the business to identify a different incursion.
CenturyLink Communications
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Maine Office of the Attorney General disclosed a data breach affecting CenturyLink Communications between August 20 and August 31, 2020. The incident stemmed from a sophisticated password-guessing attack targeting the MyCenturyLink customer portal, compromising 1,942 accounts. Exposed data included usernames, email addresses, full names (first and last), service addresses, billing addresses, and related account details. While no financial or highly sensitive information (e.g., Social Security numbers, payment card data) was confirmed stolen, the breach risked unauthorized access to personal and account-specific information, potentially enabling phishing, identity fraud, or further targeted attacks. CenturyLink responded by issuing written notifications to affected customers between September 21–25, 2020, though the delay between discovery and disclosure raised concerns about proactive mitigation. The attack highlighted vulnerabilities in authentication mechanisms, emphasizing the need for stronger password policies and multi-factor authentication (MFA) to prevent credential-stuffing exploits.
CenturyLink
Data Leak
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: The personal information of hundreds of thousands of CenturyLink customers, including names, addresses, email addresses, and phone numbers was exposed online. A database of 2.8m records containing sensitive information regarding hundreds of thousands of CenturyLink’s customers was left open online for anyone with internet access to see. They included multiple pieces of personal information including name, email address, phone number, and address, along with account-specific information. The database comprised API logs with customer information and contained more than 2.8 million records in total. CenturyLink said to the affected customers. "We will continue to work to protect customer information, takes the protection of our customers’ information seriously, and we will work to ensure that we earn our customers’ trust.
CenturyLink Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CenturyLink
Incidents vs IT Services and IT Consulting Industry Average (This Year)
No incidents recorded for CenturyLink in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for CenturyLink in 2026.
Incident Types CenturyLink vs IT Services and IT Consulting Industry Avg (This Year)
No incidents recorded for CenturyLink in 2026.
Incident History — CenturyLink (X = Date, Y = Severity)
CenturyLink cyber incidents detection timeline including parent company and subsidiaries
CenturyLink Company Subsidiaries
CenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience. Learn more at http://news.centurylink.com/.
Loading...
CenturyLink Similar Companies
Infinite Computer Solutions
Infinite is a global leader in technology modernization, next-gen IT services and solutions, and digital engineering, with over two decades of experience helping clients turn digital transformation into business value. Leveraging an AI-first approach, we combine leading technologies, innovative plat
ASGN Incorporated
ASGN Incorporated (NYSE: ASGN) is a leading provider of IT services and solutions across the commercial and government sectors. ASGN helps corporate enterprises and government organizations develop, implement and operate critical IT and business solutions through its integrated offerings. For more i
TELUS Digital
TELUS Digital crafts unique and enduring experiences for customers and employees, and creates future-focused digital transformations that stand the test of time. We are the brand behind the brands. Our global team members are both passionate ambassadors of our clients’ products and services, and vis
Diebold Nixdorf automates, digitizes and transforms the way people bank and shop. Its integrated solutions connect digital and physical channels conveniently, securely and efficiently for millions of consumers every day. As an innovation partner for nearly all of the world's top 100 financial inst
Amazon Web Services (AWS)
Launched in 2006, Amazon Web Services (AWS) began exposing key infrastructure services to businesses in the form of web services -- now widely known as cloud computing. The ultimate benefit of cloud computing, and AWS, is the ability to leverage a new business model and turn capital infrastructure e
Wipro
Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading AI-powered technology services and consulting company focused on building innovative solutions that address clients’ most complex digital transformation needs. Leveraging our consulting-led approach and the Wipro Intelligence™ unified s
Eviden
Eviden is the Atos Group brand for hardware and software products with c. € 1 billion in revenue, operating in 36 countries and comprising four business units: advanced computing, cybersecurity products, mission-critical systems and vision AI. As a next-generation technology leader, Eviden offers a
FIS
Unlocking financial technology. Bringing the world’s money into harmony. At FIS, we advance the way the world pays, banks, and invests. With decades of expertise, we provide financial technology solutions to financial institutions, businesses, and developers. Headquartered in Jacksonville, Florida,
We have the world’s best talent that design, run, and manage the most advanced and reliable technology infrastructure each day. Together, we think holistically about the health of these vital technology ecosystems. We are a focused, independent company that builds on our foundation of excellence by
.png)
CenturyLink CyberSecurity News
January 07, 2026 08:00 AM
One million customers on alert as extortion group claims massive Brightspeed data haul
The Crimson Collective claims to have stolen data on more than a million Brightspeed customers. The broadband provider is investigating.
January 05, 2026 08:00 AM
25 Best Managed Security Service Providers (MSSP) In 2026
Managed Security Service Providers (MSSPs) specialize in outsourced cyber defense, shielding firms from relentless threats.
October 31, 2025 07:00 AM
US telco confirms hackers breached systems in stealthy state-backed cyber campaign – and remained undetected for nearly a year
State-sponsored hackers breached the systems of US telecoms services firm Ribbon Communications, and stayed undetected for nearly a year.
October 31, 2025 07:00 AM
Telecom provider Ribbon Communications reports nation-state hack
Cyberattack on the telecom supply chain compared to May 2021 Colonial pipeline attack.
October 31, 2025 07:00 AM
Lumen Technologies (LUMN) Q3 2025 Earnings Call Transcript
The company changed its name from CenturyLink to Lumen Technologies in 2020 and now operates under the Lumen, Quantum Fiber, CenturyLink,...
October 29, 2025 07:00 AM
Major telecom supplier compromised by unnamed nation-state attackers
Nation-state snoops broke into Ribbon Communications – an outfit that provides software and networking gear to Verizon, CenturyLink,...
October 27, 2025 07:00 AM
DCM Services Names Curtis Rebelein as Chief Information Security Officer
Rebelein will lead efforts to fortify DCM Services' security posture, regulatory compliance, and risk management strategies.
August 18, 2025 07:00 AM
Why Clearance Holders Get Rejected for Jobs – Even When They Have the Right Skills
Sometimes the biggest setbacks in a cleared job search come down to the smallest details. Stephanie Holman, a technical recruiter at...
July 23, 2025 07:00 AM
Cloudflare report reveals surge in internet shutdowns & outages
Cloudflare's Q2 2025 report reveals a sharp rise in global internet shutdowns from government actions, outages, cable damage and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CenturyLink CyberSecurity History Information
Official Website of CenturyLink
The official website of CenturyLink is http://www.centurylink.com.
CenturyLink’s AI-Generated Cybersecurity Score
According to Rankiteo, CenturyLink’s AI-generated cybersecurity score is 765, reflecting their Fair security posture.
How many security badges does CenturyLink’ have ?
According to Rankiteo, CenturyLink currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has CenturyLink been affected by any supply chain cyber incidents ?
According to Rankiteo, CenturyLink has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does CenturyLink have SOC 2 Type 1 certification ?
According to Rankiteo, CenturyLink is not certified under SOC 2 Type 1.
Does CenturyLink have SOC 2 Type 2 certification ?
According to Rankiteo, CenturyLink does not hold a SOC 2 Type 2 certification.
Does CenturyLink comply with GDPR ?
According to Rankiteo, CenturyLink is not listed as GDPR compliant.
Does CenturyLink have PCI DSS certification ?
According to Rankiteo, CenturyLink does not currently maintain PCI DSS compliance.
Does CenturyLink comply with HIPAA ?
According to Rankiteo, CenturyLink is not compliant with HIPAA regulations.
Does CenturyLink have ISO 27001 certification ?
According to Rankiteo,CenturyLink is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of CenturyLink
CenturyLink operates primarily in the IT Services and IT Consulting industry.
Number of Employees at CenturyLink
CenturyLink employs approximately 24,214 people worldwide.
Subsidiaries Owned by CenturyLink
CenturyLink presently has no subsidiaries across any sectors.
CenturyLink’s LinkedIn Followers
CenturyLink’s official LinkedIn profile has approximately 230,947 followers.
NAICS Classification of CenturyLink
CenturyLink is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.
CenturyLink’s Presence on Crunchbase
No, CenturyLink does not have a profile on Crunchbase.
CenturyLink’s Presence on LinkedIn
Yes, CenturyLink maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/centurylink.
Cybersecurity Incidents Involving CenturyLink
As of March 28, 2026, Rankiteo reports that CenturyLink has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
CenturyLink has an estimated 39,816 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at CenturyLink ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach, Data Leak and Ransomware.
How does CenturyLink detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with centurylink informed affected customers, and remediation measures with developed improved security software, and remediation measures with customer notifications (via mail), and communication strategy with written notifications to affected customers..
Incident Details
Can you provide details on each incident ?
Title: CenturyLink Customer Data Exposure
Description: The personal information of hundreds of thousands of CenturyLink customers, including names, addresses, email addresses, and phone numbers was exposed online.
Type: Data Breach
Title: Ransomware Attack on Lumen Technologies
Description: Lumen Technologies, a leading provider of telecommunications services, identified two cybersecurity issues, including a ransomware attack. One of the events involved a ransomware attack on a small number of its servers that operate a segmented hosting service. The corporation simply acknowledged that the issue 'is currently impairing the operations of a small number of the Company's enterprise customers.' It gave no further information regarding the family of ransomware that infected its systems. Lumen developed improved security software following the ransomware attack's detection, which enabled the business to identify a different incursion.
Type: Ransomware
Title: CenturyLink Communications Data Breach (2020)
Description: The Maine Office of the Attorney General reported a data breach involving CenturyLink Communications, with the breach occurring between August 20 and August 31, 2020. Approximately 1,942 accounts were affected due to a sophisticated password guessing attack on the MyCenturyLink customer account website, potentially exposing usernames, email addresses, first and last names, service and billing addresses, and other related information. Written notifications were sent to customers starting September 21, 2020, with all letters mailed by September 25, 2020.
Date Publicly Disclosed: 2020-09-21
Type: Data Breach
Attack Vector: Password Guessing Attack
Vulnerability Exploited: Weak or Reused Passwords
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through MyCenturyLink Customer Account Website.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach CEN32023423
Data Compromised: Names, Addresses, Email addresses, Phone numbers, Account-specific information
Systems Affected: database
Incident : Ransomware LUM33321023
Systems Affected: Segmented hosting service servers
Operational Impact: Impairing the operations of a small number of the Company's enterprise customers
Incident : Data Breach LEV801082025
Data Compromised: Usernames, Email addresses, First and last names, Service addresses, Billing addresses, Other related information
Systems Affected: MyCenturyLink Customer Account Website
Identity Theft Risk: Potential
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information, Account-Specific Information, , Usernames, Email Addresses, First And Last Names, Service Addresses, Billing Addresses, Other Related Information and .
Which entities were affected by each incident ?
Incident : Data Breach CEN32023423
Entity Name: CenturyLink
Entity Type: Corporation
Industry: Telecommunications
Customers Affected: hundreds of thousands
Incident : Ransomware LUM33321023
Entity Name: Lumen Technologies
Entity Type: Corporation
Industry: Telecommunications
Customers Affected: Small number of enterprise customers
Incident : Data Breach LEV801082025
Entity Name: CenturyLink Communications (now Lumen Technologies)
Entity Type: Telecommunications Company
Industry: Telecommunications
Location: United States
Customers Affected: 1,942
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach CEN32023423
Communication Strategy: CenturyLink informed affected customers
Incident : Ransomware LUM33321023
Remediation Measures: Developed improved security software
Incident : Data Breach LEV801082025
Remediation Measures: Customer Notifications (via mail)
Communication Strategy: Written Notifications to Affected Customers
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach CEN32023423
Type of Data Compromised: Personal information, Account-specific information
Number of Records Exposed: 2.8 million
File Types Exposed: API logs
Personally Identifiable Information: namesaddressesemail addressesphone numbers
Incident : Data Breach LEV801082025
Type of Data Compromised: Usernames, Email addresses, First and last names, Service addresses, Billing addresses, Other related information
Number of Records Exposed: 1,942
Sensitivity of Data: Moderate (PII)
Data Exfiltration: Potential
Personally Identifiable Information: Yes
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Developed improved security software, , Customer Notifications (via mail), .
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Data Breach LEV801082025
Regulatory Notifications: Maine Office of the Attorney General
References
Where can I find more information about each incident ?
Incident : Data Breach LEV801082025
Source: Maine Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Maine Office of the Attorney General.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through CenturyLink informed affected customers and Written Notifications To Affected Customers.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach CEN32023423
Customer Advisories: CenturyLink informed affected customers
Incident : Data Breach LEV801082025
Customer Advisories: Written notifications sent between September 21–25, 2020
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were CenturyLink informed affected customers, Written Notifications Sent Between September 21–25, 2020 and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach LEV801082025
Entry Point: MyCenturyLink Customer Account Website
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach LEV801082025
Root Causes: Weak Or Reused Passwords Vulnerable To Guessing Attacks,
Additional Questions
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-09-21.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were names, addresses, email addresses, phone numbers, account-specific information, , Usernames, Email Addresses, First and Last Names, Service Addresses, Billing Addresses, Other Related Information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was database and Segmented hosting service servers and MyCenturyLink Customer Account Website.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Other Related Information, account-specific information, Service Addresses, addresses, First and Last Names, names, email addresses, Usernames, Email Addresses, phone numbers and Billing Addresses.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 2.8M.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Maine Office of the Attorney General.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an CenturyLink informed affected customers, Written notifications sent between September 21–25 and 2020.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an MyCenturyLink Customer Account Website.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.
Risk Information
cvss2
Base: 9.0
Severity: LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss4
Base: 7.4
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.
Risk Information
cvss3
Base: 8.5
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
Description
Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be used at various times in the instance lifecycle to template files inside of the instance. This particular implementation of pongo2 within Incus allowed for file read/write but with the expectation that the pongo2 chroot feature would isolate all such access to the instance's filesystem. This was allowed such that a template could theoretically read a file and then generate a new version of said file. Unfortunately the chroot isolation mechanism is entirely skipped by pongo2 leading to easy access to the entire system's filesystem with root privileges. Version 6.23.0 patches the issue.
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Description
Incus is a system container and virtual machine manager. Prior to version 6.23.0, a specially crafted storage bucket backup can be used by an user with access to Incus' storage bucket feature to crash the Incus daemon. Repeated use of this attack can be used to keep the server offline causing a denial of service of the control plane API. This does not impact any running workload, existing containers and virtual machines will keep operating. Version 6.23.0 fixes the issue.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=centurylink' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
