EHSL
Company Details
Linkedin ID:
eskom
Website:
Employees number:
42,212
Number of followers:
590,752
NAICS:
22
Industry Type:
Homepage:
eskom.co.za
IP Addresses:
0
Company ID:
ESK_6298407
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Eskom Holdings SOC Ltd Vendor Cyber Rating & Cyber Score
eskom.co.zaCompany profile Eskom Holdings generates, transports and distributes approximately 95% of South Africa’s electricity – making up 60% of the total electricity consumed on the African continent. Eskom is the world’s eleventh-largest power utility in terms of generating capacity, ranks ninth in terms of sales, and boasts the world's largest dry-cooling power station. Eskom Holdings’ Enterprises Division designs, builds and refurbishes Eskom’s assets, and acts as a catalyst for project development for the group. Eskom Enterprises’ main focus is to support Eskom Holdings and be the custodian of non-regulated businesses and offer strategic and commercial lifecycle services to the line divisions.
Eskom Holdings SOC Ltd A.I CyberSecurity Scoring
EHSL Risk Score (AI oriented)Between 750 and 799
EHSL
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
EHSL Global Score (TPRM)XXXX
EHSL
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
EHSL Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Eskom Holdings SOC Ltd
Cyber Attack
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: Eskom, power utility organisation had security incident at its data center. The working of the systems were affected. The system worked slower than usual. Eskom had stage four load-shedding and increased power cuts.
EHSL Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for EHSL
Incidents vs Utilities Industry Average (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2026.
Incident Types EHSL vs Utilities Industry Avg (This Year)
No incidents recorded for Eskom Holdings SOC Ltd in 2026.
Incident History — EHSL (X = Date, Y = Severity)
EHSL cyber incidents detection timeline including parent company and subsidiaries
EHSL Company Subsidiaries
Company profile Eskom Holdings generates, transports and distributes approximately 95% of South Africa’s electricity – making up 60% of the total electricity consumed on the African continent. Eskom is the world’s eleventh-largest power utility in terms of generating capacity, ranks ninth in terms of sales, and boasts the world's largest dry-cooling power station. Eskom Holdings’ Enterprises Division designs, builds and refurbishes Eskom’s assets, and acts as a catalyst for project development for the group. Eskom Enterprises’ main focus is to support Eskom Holdings and be the custodian of non-regulated businesses and offer strategic and commercial lifecycle services to the line divisions.
Loading...
EHSL Similar Companies
Hitachi Energy is a global technology leader in electrification, powering a sustainable energy future with innovative power grid technologies with digital at the core. Over three billion people depend on our technologies to power their daily lives. With over a century in pioneering mission-critical
Framatome
Framatome is an international leader in nuclear energy recognized for its innovative, digital and value added solutions for the global nuclear fleet. With worldwide expertise and a proven track record for reliability and performance, the company designs, services and installs components, fuel, and i
Enedis
Enedis est le gestionnaire du réseau public de distribution d’électricité sur 95 % du territoire français continental. Ses 38 859 collaborateurs assurent chaque jour l’exploitation, l’entretien et le développement de près de 1,3 million de kilomètres de réseau. Raccordement, mise en service, dépann
NextEra Energy, Inc.
NextEra Energy, Inc. (NYSE: NEE) is one of the largest electric power and energy infrastructure companies in North America and is a leading provider of electricity to American homes and businesses. Headquartered in Juno Beach, Florida, NextEra Energy is a Fortune 200 company that owns Florida Power
British Gas
Taking care of things. At British Gas we’re always looking at new ways to save energy and money for our customers. Everything we do from our trusted engineers to helpful call centre agents, and innovative product owners to digital marketing specialists, is about providing affordable, hassle-free s
Correos
Somos la empresa líder en comunicaciones físicas, digitales y de paquetería. Nuestra misión es prestar un servicio integral de calidad, ofreciendo soluciones y servicios en toda la cadena de valor del ecommerce con el objetivo de facilitar la vida a nuestros clientes. Distribuimos más de 5.100 millo
Neoenergia
Somos uma companhia de capital aberto com ações (NEOE3) negociadas na Bolsa de Valores de São Paulo. Parte do grupo espanhol Iberdrola, atuamos no Brasil desde 1997, e atualmente, somos uma das líderes do setor elétrico do país. Estamos presentes em 18 estados e no Distrito Federal, com negócios em
Exelon
Exelon Corporation (Nasdaq: EXC) is one of the nation’s largest utility companies, serving more than 10 million customers through six fully regulated utilities. We believe that reliable and affordable energy is essential to a brighter, more sustainable future. We are a FORTUNE 250 company operating
Adani Group
Adani Group is a diversified organisation in India comprising 10 publicly traded companies. It has created a world class transport and utility infrastructure portfolio that has a pan-India presence. Adani Group is headquartered in Ahmedabad, in the state of Gujarat, India. Over the years, Adani Grou
.png)
EHSL CyberSecurity News
February 18, 2026 08:00 AM
CYSEC AFRICA 2026 to Convene Africa’s Cybersecurity Leaders in Johannesburg
CYSEC GLOBAL bringing back CYSEC AFRICA, set to take place on 26ᵗʰ February 2026 at the Gallagher Convention Centre.
February 12, 2026 08:00 AM
S.Africa's Ramaphosa pushing ahead with Eskom break-up plan
South Africa will push ahead with breaking up power utility Eskom and creating a standalone company to run the transmission grid,...
February 11, 2026 08:00 AM
Three strikes for South Africa
South Africa's capital Pretoria, commercial hub Johannesburg and tourism mecca Cape Town all experienced water shortages this week,...
January 29, 2026 08:12 PM
Africa Tech Festival Awards 2025 honour Africa’s trailblazers in technology and innovation
The Africa Tech Festival Awards 2025 (https://AfricaTechFestival.com/), held on Wednesday, 12 November 2025 in Cape Town, brought together technology...
December 04, 2025 08:00 AM
Major international company eyeing a comeback in South Africa
Rebuilding McKinsey & Co.'s reputation in South Africa after it was implicated in state corruption scandals will be a long process,...
September 17, 2025 07:00 AM
South African court annuls permit for Eskom to build new gas power plant
One of South Africa's top courts on Wednesday annulled a government permit allowing state utility Eskom to build a large power plant burning...
August 05, 2025 07:00 AM
Another nail in the coffin for Eskom’s monopoly in South Africa
Lyra Energy, a renewable energy platform supplying power to industries, has been granted an electricity trading license in South Africa.
July 03, 2025 07:00 AM
Eskom tightens controls after online vending system fraud
The power utility undertakes a comprehensive review and intervention to mitigate vulnerabilities and restore system integrity.
June 21, 2025 07:00 AM
Residential solar in South Africa hits a wall
While industrial solar demand in South Africa is stable, the residential sector has diminished amid a more stable power supply.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
EHSL CyberSecurity History Information
Official Website of Eskom Holdings SOC Ltd
The official website of Eskom Holdings SOC Ltd is http://www.eskom.co.za.
Eskom Holdings SOC Ltd’s AI-Generated Cybersecurity Score
According to Rankiteo, Eskom Holdings SOC Ltd’s AI-generated cybersecurity score is 797, reflecting their Fair security posture.
How many security badges does Eskom Holdings SOC Ltd’ have ?
According to Rankiteo, Eskom Holdings SOC Ltd currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Eskom Holdings SOC Ltd been affected by any supply chain cyber incidents ?
According to Rankiteo, Eskom Holdings SOC Ltd has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Eskom Holdings SOC Ltd have SOC 2 Type 1 certification ?
According to Rankiteo, Eskom Holdings SOC Ltd is not certified under SOC 2 Type 1.
Does Eskom Holdings SOC Ltd have SOC 2 Type 2 certification ?
According to Rankiteo, Eskom Holdings SOC Ltd does not hold a SOC 2 Type 2 certification.
Does Eskom Holdings SOC Ltd comply with GDPR ?
According to Rankiteo, Eskom Holdings SOC Ltd is not listed as GDPR compliant.
Does Eskom Holdings SOC Ltd have PCI DSS certification ?
According to Rankiteo, Eskom Holdings SOC Ltd does not currently maintain PCI DSS compliance.
Does Eskom Holdings SOC Ltd comply with HIPAA ?
According to Rankiteo, Eskom Holdings SOC Ltd is not compliant with HIPAA regulations.
Does Eskom Holdings SOC Ltd have ISO 27001 certification ?
According to Rankiteo,Eskom Holdings SOC Ltd is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd operates primarily in the Utilities industry.
Number of Employees at Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd employs approximately 42,212 people worldwide.
Subsidiaries Owned by Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd presently has no subsidiaries across any sectors.
Eskom Holdings SOC Ltd’s LinkedIn Followers
Eskom Holdings SOC Ltd’s official LinkedIn profile has approximately 590,752 followers.
NAICS Classification of Eskom Holdings SOC Ltd
Eskom Holdings SOC Ltd is classified under the NAICS code 22, which corresponds to Utilities.
Eskom Holdings SOC Ltd’s Presence on Crunchbase
Yes, Eskom Holdings SOC Ltd has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/eskom.
Eskom Holdings SOC Ltd’s Presence on LinkedIn
Yes, Eskom Holdings SOC Ltd maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/eskom.
Cybersecurity Incidents Involving Eskom Holdings SOC Ltd
As of April 02, 2026, Rankiteo reports that Eskom Holdings SOC Ltd has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Eskom Holdings SOC Ltd has an estimated 4,343 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Eskom Holdings SOC Ltd ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Eskom Data Center Security Incident
Description: Eskom, a power utility organisation, experienced a security incident at its data center. The working of the systems was affected, and they operated slower than usual. This led to stage four load-shedding and increased power cuts.
Type: Security Incident
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Security Incident ESK238221222
Systems Affected: Data Center
Operational Impact: Slower system performanceStage four load-sheddingIncreased power cuts
Which entities were affected by each incident ?
Incident : Security Incident ESK238221222
Entity Name: Eskom
Entity Type: Power Utility
Industry: Energy
Additional Questions
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Data Center.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manage_user.php of the component Parameter Handler. Performing a manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in Axiomatic Bento4 up to 1.6.0-641. Affected is the function AP4_BitReader::SkipBits of the file Ap4Dac4Atom.cpp of the component DSI v1 Parser. Such manipulation of the argument n_presentations leads to heap-based buffer overflow. The attack needs to be performed locally. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was determined in Axiomatic Bento4 up to 1.6.0-641. This impacts the function AP4_BitReader::ReadCache of the file Ap4Dac4Atom.cpp of the component MP4 File Parser. This manipulation causes heap-based buffer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 4.3
Severity: LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 4.8
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a heap-buffer-overflow (HBO) in icAnsiToUtf8() in the XML conversion path. The issue is triggered by a crafted ICC profile which causes icAnsiToUtf8(std::string&, char const*) to treat an input buffer as a C-string and call operations that rely on strlen()/null-termination. AddressSanitizer reports an out-of-bounds READ of size 115 past a 114-byte heap allocation, with the failure observed while running the iccToXml tool. This issue has been patched in version 2.3.1.6.
Risk Information
cvss3
Base: 6.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a stack-buffer-overflow (SBO) in CIccTagFixedNum<>::GetValues() and a related bug chain. The primary crash is an AddressSanitizer-reported WRITE of size 4 that overflows a 4-byte stack variable (rv) via the call chain CIccTagFixedNum::GetValues() -> CIccTagStruct::GetElemNumberValue(). This issue has been patched in version 2.3.1.6.
Risk Information
cvss3
Base: 6.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
- https://github.com/InternationalColorConsortium/iccDEV/issues/696
- https://github.com/InternationalColorConsortium/iccDEV/issues/697
- https://github.com/InternationalColorConsortium/iccDEV/issues/698
- https://github.com/InternationalColorConsortium/iccDEV/issues/703
- https://github.com/InternationalColorConsortium/iccDEV/pull/739
- https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-983c-rgh5-4982
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=eskom' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
