Sanford Health
Company Details
Linkedin ID:
sanford-health
Website:
Employees number:
15,889
Number of followers:
71,199
NAICS:
62
Industry Type:
Homepage:
sanfordhealth.org
IP Addresses:
66
Company ID:
SAN_2961547
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Sanford Health Vendor Cyber Rating & Cyber Score
sanfordhealth.orgSanford Health is the largest rural health system in the U.S. Our organization is dedicated to transforming the health care experience and providing access to world-class health care in America’s heartland. Headquartered in Sioux Falls, South Dakota, we serve more than one million patients and 220,000 health plan members across 250,000 square miles. Our integrated health system has 47 medical centers, 2,800 physicians and advanced practice providers, 170 clinical investigators and research scientists, more than 200 Good Samaritan Society senior care locations, and world clinics in eight countries around the globe. Learn more about our commitment to shaping the future of rural health care at sanfordhealth.org or Sanford Health News.
Sanford Health A.I CyberSecurity Scoring
Sanford Health Risk Score (AI oriented)Between 700 and 749
Sanford Health
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Sanford Health Global Score (TPRM)XXXX
Sanford Health
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Sanford Health Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Sanford Health
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: DMS Health Technologies, the imaging provider Sanford Health utilises for their mobile heart screen trucks, suffered from data security incident. Name, date of birth, date of service, physician name, and type of exam were all possibly compromised patient data. One of the several DMS contracted partners impacted by this incident is Sanford Health. DMS will inform the impacted patients and provide free identity monitoring services through Kroll to some of the affected individuals. The letter they get will contain those specifics. The data breach is being informed to more than 21,000 (21,211) Sanford Health patients, including 10,334 in North Dakota, 4,967 in Minnesota, 2,685 in South Dakota, 1,058 in Iowa, and a small number in 36 other states.
Sanford Health Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Sanford Health
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for Sanford Health in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Sanford Health in 2026.
Incident Types Sanford Health vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for Sanford Health in 2026.
Incident History — Sanford Health (X = Date, Y = Severity)
Sanford Health cyber incidents detection timeline including parent company and subsidiaries
Sanford Health Company Subsidiaries
Sanford Health is the largest rural health system in the U.S. Our organization is dedicated to transforming the health care experience and providing access to world-class health care in America’s heartland. Headquartered in Sioux Falls, South Dakota, we serve more than one million patients and 220,000 health plan members across 250,000 square miles. Our integrated health system has 47 medical centers, 2,800 physicians and advanced practice providers, 170 clinical investigators and research scientists, more than 200 Good Samaritan Society senior care locations, and world clinics in eight countries around the globe. Learn more about our commitment to shaping the future of rural health care at sanfordhealth.org or Sanford Health News.
Loading...
Sanford Health Similar Companies
University Health Network
University Health Network (UHN) is Canada's largest research hospital, which includes Toronto General and Toronto Western Hospitals, Princess Margaret Cancer Centre, the Toronto Rehabilitation Institute and the Michener Institute for Education at UHN. The scope of research and complexity of cases at
At UCHealth, we do things differently. We strive to promote individual and community health and leave no question unanswered along the way. We’re driven to improve and optimize health care. Our network of nationally-recognized hospitals, clinic locations and health care providers extends throughout
Committed to Life - We save and improve human lives with affordable, accessible, and innovative healthcare products and the highest quality in clinical care. Fresenius is a global healthcare company headquartered in Bad Homburg v. d. Höhe, Germany. In fiscal year 2024, Fresenius generated €21.5 bil
University Hospitals Connor Integrative Health Network
Integrative Medicine (IM) is an approach to healthcare that takes into account the whole person addressing the full range of physical, emotional, mental, social, spiritual, and environmental influences that affect an individual’s health. IM is informed by evidence, makes use of all appropriate thera
Mercy, one of the 15 largest U.S. health systems and named the top large system in the U.S. for excellent patient experience by NRC Health, serves millions annually with nationally recognized care and one of the nation’s largest and highest performing Accountable Care Organizations in quality and co
About Aveanna It all started with a simple idea: How can we help people live better lives by providing better homecare? That idea became a company called Aveanna, dedicated to bringing new possibilities and new hope to those we serve. At Aveanna, we believe that the ultimate place for caring is rig
Helios Health GmbH
Based on our extensive expertise and know how we seek to ensure high quality, efficient and patient focused healthcare, locally as well as within an international environment. For this purpose Helios Health was founded in 2017. Helios Health combines Helios Germany (Helios Kliniken) and Helios Spa
Johnson & Johnson
At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine
Omega Healthcare Management Services
Founded in 2003, Omega Healthcare Management Services® (Omega Healthcare) is an AI-driven healthcare solutions company that partners across the healthcare ecosystem to deliver breakthrough results by reimagining and elevating revenue operations. Powered by the Omega Digital Platform®, our agentic AI
.png)
Sanford Health CyberSecurity News
March 11, 2026 07:00 AM
Sanford Health Bismarck reaccredited for bariatric excellence
BISMARCK, ND (KXNET) — Sanford Health in Bismarck announces the reaccreditation of its Bariatric Surgery Program by the American College of...
March 09, 2026 08:41 PM
A Sanford Health doctor takes to the skies to bridge the rural health care gap in South Dakota
Sanford Health uses its own aircraft to provide 60 different types of specialty outreach to more than 200 locations each year.
February 24, 2026 08:00 AM
For Sanford Health, virtual care is essential, and expanding | ViVE 2026
The health system is using telehealth to deliver more care across the rural Midwest, saving time for money and patients.
February 16, 2026 08:00 AM
AI Is Everywhere in Healthcare. But No One Agrees on What It's Actually For.
Healthcare leaders are hailing AI as a transformative technology, yet what is it really transforming?
February 03, 2026 08:00 AM
The C-Suite Rewrites the Org Chart: How Health Systems Are Elevating Technology Leadership
When Sanford Health created a new tech-focused C-suite role earlier this year, the move was notable not only for its scope but also for its...
December 02, 2025 08:00 AM
5 Cybersecurity Myths in Healthcare: Protecting Patient Data Beyond Compliance
Discover 5 common healthcare cybersecurity myths and learn practical strategies to protect patient data beyond HIPAA compliance.
November 28, 2025 08:00 AM
Sanford Health Expands Care to Black Hills With New 168-Bed Medical Center
"Black Hills deserve strong, reliable access to quality health care," South Dakota Governor Larry Rhoden said in an X post.
November 18, 2025 08:00 AM
Sanford Health gets $300M gift for new hospital
Continuing a series of landmark contributions, Denny Sanford provided the funds for a new medical center in South Dakota.
November 05, 2025 08:00 AM
Sanford Health acquires South Dakota hospital
Sanford Health, one of the larger nonprofit health systems in America, continues to add to its footprint. Image: Prairie Lakes Healthcare...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Sanford Health CyberSecurity History Information
Official Website of Sanford Health
The official website of Sanford Health is http://www.sanfordhealth.org.
Sanford Health’s AI-Generated Cybersecurity Score
According to Rankiteo, Sanford Health’s AI-generated cybersecurity score is 743, reflecting their Moderate security posture.
How many security badges does Sanford Health’ have ?
According to Rankiteo, Sanford Health currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Sanford Health been affected by any supply chain cyber incidents ?
According to Rankiteo, Sanford Health has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Sanford Health have SOC 2 Type 1 certification ?
According to Rankiteo, Sanford Health is not certified under SOC 2 Type 1.
Does Sanford Health have SOC 2 Type 2 certification ?
According to Rankiteo, Sanford Health does not hold a SOC 2 Type 2 certification.
Does Sanford Health comply with GDPR ?
According to Rankiteo, Sanford Health is not listed as GDPR compliant.
Does Sanford Health have PCI DSS certification ?
According to Rankiteo, Sanford Health does not currently maintain PCI DSS compliance.
Does Sanford Health comply with HIPAA ?
According to Rankiteo, Sanford Health is not compliant with HIPAA regulations.
Does Sanford Health have ISO 27001 certification ?
According to Rankiteo,Sanford Health is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Sanford Health
Sanford Health operates primarily in the Hospitals and Health Care industry.
Number of Employees at Sanford Health
Sanford Health employs approximately 15,889 people worldwide.
Subsidiaries Owned by Sanford Health
Sanford Health presently has no subsidiaries across any sectors.
Sanford Health’s LinkedIn Followers
Sanford Health’s official LinkedIn profile has approximately 71,199 followers.
NAICS Classification of Sanford Health
Sanford Health is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
Sanford Health’s Presence on Crunchbase
No, Sanford Health does not have a profile on Crunchbase.
Sanford Health’s Presence on LinkedIn
Yes, Sanford Health maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sanford-health.
Cybersecurity Incidents Involving Sanford Health
As of March 30, 2026, Rankiteo reports that Sanford Health has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Sanford Health has an estimated 32,295 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Sanford Health ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Sanford Health detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with kroll, and communication strategy with dms will inform the impacted patients and provide free identity monitoring services through kroll to some of the affected individuals. the letter they receive will contain those specifics...
Incident Details
Can you provide details on each incident ?
Title: Data Security Incident at DMS Health Technologies
Description: DMS Health Technologies, the imaging provider for Sanford Health's mobile heart screen trucks, suffered a data security incident. Patient data including name, date of birth, date of service, physician name, and type of exam were potentially compromised. Sanford Health is one of the several DMS contracted partners impacted by this incident.
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach SAN113016923
Data Compromised: Name, Date of birth, Date of service, Physician name, Type of exam
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Name, Date Of Birth, Date Of Service, Physician Name, Type Of Exam and .
Which entities were affected by each incident ?
Incident : Data Breach SAN113016923
Entity Name: Sanford Health
Entity Type: Healthcare Provider
Industry: Healthcare
Location: North DakotaMinnesotaSouth DakotaIowa36 other states
Customers Affected: {'state': 'North Dakota', 'number': 10334}, {'state': 'Minnesota', 'number': 4967}, {'state': 'South Dakota', 'number': 2685}, {'state': 'Iowa', 'number': 1058}, {'state': 'Other', 'number': 'small number'}
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach SAN113016923
Third Party Assistance: Kroll.
Communication Strategy: DMS will inform the impacted patients and provide free identity monitoring services through Kroll to some of the affected individuals. The letter they receive will contain those specifics.
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Kroll, .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach SAN113016923
Type of Data Compromised: Name, Date of birth, Date of service, Physician name, Type of exam
Number of Records Exposed: 21211
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through DMS will inform the impacted patients and provide free identity monitoring services through Kroll to some of the affected individuals. The letter they receive will contain those specifics..
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Kroll, .
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Name, Date of Birth, Date of Service, Physician Name, Type of Exam and .
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was kroll, .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Type of Exam, Date of Service, Physician Name, Date of Birth and Name.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 223.0.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 7.5
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was determined in elecV2 elecV2P up to 3.8.3. The impacted element is an unknown function of the file /logs of the component Endpoint. This manipulation of the argument filename causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
A vulnerability was found in elecV2 elecV2P up to 3.8.3. The affected element is the function path.join of the file /log/ of the component Wildcard Handler. The manipulation results in path traversal. The attack may be performed from remote. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=sanford-health' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
