Yubico Company Cyber Security Posture
yubico.comYubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries. Yubicoโs solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience. As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.
Yubico Company Details
yubico
545 employees
50197.0
none
Computer and Network Security
yubico.com
339
YUB_7382343
In-progress
Yubico Risk Score (AI oriented)Between 600 and 700
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
Yubico Global Score.png)
Yubico Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 600 and 700 |
Yubico Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| Yubico | Vulnerability | 85 | 4 | 9/2024 | YUB004090624 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: Yubico, renowned for its YubiKey 5 series hardware tokens used for two-factor authentication, faced a significant issue with a cryptographic flaw allowing cloning of the devices. This vulnerability was identified as a side channel in the Infineon microcontroller used across several authentication products. Because updating the YubiKey firmware isn't feasible, all keys with firmware versions older than 5.7 remain permanently at risk. The exploitation of this flaw requires physical access and sophisticated technical knowledge. Although the implications are concerning, there has been no reported misuse of this flaw thus far. | |||||||
Yubico Company Subsidiaries
Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries. Yubicoโs solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience. As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.
Access Data Using Our API
Get company history
Rapid.png)
Yubico Cyber Security News
Yubico Recognized as Global Authentication Leader by Top Cybersecurity and Business Industry Awards
Yubico's solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds ofย ...
Yubico backs student hackathons with YubiKeys to boost cybersecurity skills | ETIH EdTech News
Yubico supports international student-led hackathons as part of a wider effort to equip young talent with practical cybersecurity experience.
The 2 Best Security Keys for Multi-Factor Authentication of 2025 | Reviews by Wirecutter
The Yubico Security Key C NFC is the best security key for most people because it offers wide compatibility at a low price. It's the newerย ...
Yubico Issues Security Advisory As 2FA Bypass Vulnerability Confirmed
Yubico has confirmed a partial 2FA bypass issue could impact some YubiKey customersโhere's what you need to know.
Yubico expands YubiKey services to 175 countries globally
Yubico's YubiKey as a Service and delivery models now cover 175 countries, boosting global access to phishing-resistant security solutionsย ...
T-Mobile enhances security with Yubico partnership
T-Mobile has partnered with Yubico to strengthen its cybersecurity across the US. In late 2023, the telecom giant rolled out over 200,000 FIDO2ย ...
Major phishing campaign targets GitHub users with fake security alerts.
Microsoft warns of a phishing campaign that's using the "ClickFix" social engineering technique to target employees in the hospitality sector.
Yubico provides 200,000 YubiKeys to T-Mobile, predicts security trends in 2025
Yubico has partnered with T-Mobile U.S. to deploy over 200,000 phishing-resistant FIDO 2 YubiKeys to its employees, vendors and authorizedย ...
Attackers Can Evade 2FA with Yubico Software Module Bug
Yubico has warned of a high-severity issue impacting its pam-u2f software package for Yubikey and FIDO-compliant device integration.
Yubico Similar Companies
Palo Alto Networks
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest s
CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the worldโs most advanced cloud-native platform for protecting critical areas of enterprise risk โ endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas
Google Cloud Security
With comprehensive cybersecurity solutions, organizations can address their tough security challenges with many of the same capabilities Google uses to keep more people and organizations safe online than anyone else in the world. Experience Mandiant frontline intelligence and expertise, a modern, in
Thales Cyber Solutions
Drawing on a team of 6,000 experts and developers, Thales is a global leader in cybersecurity โรรฌ no.1 in data security - with solutions deployed in 148 countries, generating annual revenues in excess of โรยจ2 billion in the domain. Thales supports its enterprise and government customers in the cybe
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Yubico CyberSecurity History Information
How many cyber incidents has Yubico faced?
Total Incidents: According to Rankiteo, Yubico has faced 1 incident in the past.
What types of cybersecurity incidents have occurred at Yubico?
Incident Types: The types of cybersecurity incidents that have occurred incident Vulnerability.
Incident Details
Can you provide details on each incident?
Incident : Cryptographic Vulnerability
Title: Cryptographic Flaw in YubiKey 5 Series
Description: Yubico faced a significant issue with a cryptographic flaw allowing cloning of the YubiKey 5 series devices. This vulnerability was identified as a side channel in the Infineon microcontroller used across several authentication products. Because updating the YubiKey firmware isn't feasible, all keys with firmware versions older than 5.7 remain permanently at risk. The exploitation of this flaw requires physical access and sophisticated technical knowledge. Although the implications are concerning, there has been no reported misuse of this flaw thus far.
Type: Cryptographic Vulnerability
Attack Vector: Side Channel
Vulnerability Exploited: Cryptographic Flaw in Infineon Microcontroller
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
Impact of the Incidents
What was the impact of each incident?
Incident : Cryptographic Vulnerability YUB004090624
Systems Affected: YubiKey 5 series devices with firmware versions older than 5.7
Which entities were affected by each incident?
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Cryptographic Vulnerability YUB004090624
Root Causes: Cryptographic flaw in Infineon microcontroller
Additional Questions
Impact of the Incidents
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident was YubiKey 5 series devices with firmware versions older than 5.7.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
