CB
Company Details
Linkedin ID:
city-of-boston
Website:
Employees number:
4,488
Number of followers:
56,463
NAICS:
92
Industry Type:
Homepage:
boston.gov
IP Addresses:
0
Company ID:
CIT_3071840
Scan Status:
In-progress
City of Boston Company CyberSecurity Posture
boston.gov
Public service is a noble calling: to help others, to make our communities stronger, and to uphold the public trust. As city employees, we see the results of our hard work in our own community— in street and infrastructure improvements, new buildings rising from the ground, safer and more prosperous neighborhoods, and happier, healthier children, families, and senior citizens. We may all come from different backgrounds, but we are connected through our passion for service. What we do at work today, and everyday, shapes the Boston of tomorrow. Join us! The City of Boston is proud to be an Equal Opportunity Employer. We are committed to creating a diverse and inclusive environment. Therefore, qualified applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical or mental disability genetic information, marital status, sexual orientation, gender identity, gender expression, military and veteran status, or other protected category.
City of Boston A.I CyberSecurity Scoring
CB Risk Score (AI oriented)Between 700 and 749
CB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
CB Global Score (TPRM)XXXX
CB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
CB Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
City of Boston: ‘Security breach’ at Boston City Hall gives masked intruder free rein to steal from employees
Breach
Rankiteo Explanation
Attack limited on finance or reputation
Description: Two Boston city councilors are sounding the alarm on a “security breach” that occurred this week at City Hall, where an intruder was given free rein to rifle through office suites and steal wallets stuffed with cash and credit cards from employees. Councilors Ed Flynn and Erin Murphy are calling for the city to tighten up security protocols in light of the intrusion and theft revealed in an email from the city’s property management department that was sent to City Hall staff on Tuesday and obtained by the Herald. Meanwhile, Mayor Michelle Wu’s office said steps have already been taken to increase security patrols in response to the incident and a review is underway to determine whether protocols should be enhanced further. “Yesterday, an unauthorized member of the public entered several office suites in City Hall and stole personal belongings from employees,” Tuesday’s email from the city states. “Property management and Boston Police are aware of the incidents and are collaborating on the investigation, as this is unacceptable and clearly violates feelings of trust and safety in our workplace. “While City Hall is a welcoming building open to the public, only authorized personnel are allowed in office suites. This is a reminder that all staff need to be diligent, questioning any unfamiliar individuals within office suites, protecting all personal belongings, and alerting security of any suspicious behavior.” Multiple Boston Police Department reports shed more light on th
CB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for CB
Incidents vs Government Administration Industry Average (This Year)
City of Boston has 51.52% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
City of Boston has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types CB vs Government Administration Industry Avg (This Year)
City of Boston reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — CB (X = Date, Y = Severity)
CB cyber incidents detection timeline including parent company and subsidiaries
CB Company Subsidiaries
Public service is a noble calling: to help others, to make our communities stronger, and to uphold the public trust. As city employees, we see the results of our hard work in our own community— in street and infrastructure improvements, new buildings rising from the ground, safer and more prosperous neighborhoods, and happier, healthier children, families, and senior citizens. We may all come from different backgrounds, but we are connected through our passion for service. What we do at work today, and everyday, shapes the Boston of tomorrow. Join us! The City of Boston is proud to be an Equal Opportunity Employer. We are committed to creating a diverse and inclusive environment. Therefore, qualified applicants will be considered regardless of their sex, race, age, religion, color, national origin, ancestry, physical or mental disability genetic information, marital status, sexual orientation, gender identity, gender expression, military and veteran status, or other protected category.
Loading...
CB Similar Companies
FDA
The Food and Drug Administration is an agency within the Department of Health and Human Services. The FDA is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices; and by ensuring the safet
National Park Service
Most people know that the National Park Service cares for national parks, a network of over 420 natural, cultural and recreational sites across the nation. The treasures in this system – the first of its kind in the world – have been set aside by the American people to preserve, protect, and share t
City of Toronto
The City of Toronto is committed to fostering a positive and progressive workplace culture, and strives to build a workforce that reflects the citizens it serves. We are committed to building a high performing public service, with strong and effective leaders to enable service excellence, through hi
Rijksoverheid
Op vrijwel alle werkterreinen en functieniveaus biedt de Rijksoverheid leuke en boeiende banen. Vacatures zijn bovendien in heel Nederland te vinden. Waar voor jou precies de mogelijkheden liggen hangt onder andere samen met je vooropleiding. Zowel met een mbo- of hbo-diploma als met een universitai
CONICET
El Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) es el principal organismo dedicado a la promoción de la ciencia y la tecnología en la Argentina. Su actividad se desarrolla en cuatro grandes áreas: • Ciencias agrarias, ingeniería y de materiales • Ciencias biológicas y de la s
Land Niedersachsen
Der Arbeitgeber Niedersachsen vereint über 2000 Dienststellen mit einem gemeinsamen Ziel: Wir gestalten das Leben in Niedersachsen verantwortungsvoll und zukunftsorientiert. Als der größte Arbeitgeber im Land Niedersachsen bieten wir sichere Arbeitsplätze, sinnstiftende Aufgaben und vielfältige Ei
IBGE
The Brazilian Institute of Geography and Statistics or IBGE (Portuguese: Instituto Brasileiro de Geografia e Estatística), is the agency responsible for statistical, geographic, cartographic, geodetic and environmental information in Brazil. The IBGE performs a national census every ten years, and t
State of Florida
Join Florida’s talented workforce to fulfill your professional goals and achieve a meaningful career. Our talented public servants work hard to serve more than 19 million residents across Florida, and you, too, can realize success in the Sunshine State. Working in Florida’s state government mean
Ministry of Environment and Urbanism
MINISTRY of ENVIRONMENT and URBANISM (MEU) MAIN SERVICE UNITS ================== 1) General Directorate of Construction Works 2) General Directorate of Spatial Planning 3) General Directorate of Environmental Management 4) General Directorate of EIA, Permits and Control 5) General Directo
.png)
CB CyberSecurity News
December 04, 2025 12:18 AM
City Alerts Residents to CodeRED Cybersecurity Incident
Special to the Independent The City of Everett is notifying residents of a nationwide cyber-attack…
November 20, 2025 09:16 PM
City of Attleboro investigating cybersecurity incident, impacting city’s IT systems
November 20, 2025 08:00 AM
Attleboro investigating ‘cybersecurity incident' impacting city's IT systems
City officials and police in Attleboro, Massachusetts, say they are investigating a "cybersecurity incident" that has taken several of the...
November 20, 2025 08:00 AM
Attleboro says 'cybersecurity incident' disrupting city's technology systems
The city of Attleboro said Thursday that it was investigating a "cybersecurity incident" that was disrupting phone lines and email.
November 20, 2025 08:00 AM
City of Attleboro investigating cybersecurity incident, impacting city’s IT systems
The City of Attleboro, alongside Attleboro police, is investigating a cybersecurity incident that knocked several of the city's IT systems...
November 19, 2025 08:00 AM
The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College
Episode 2 The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College. Nov 19, 202523 mins.
November 10, 2025 08:00 AM
Manassas City Schools closed after cybersecurity incident; set to reopen Wednesday
The Brief. Manassas City Schools closed Monday after a cybersecurity breach. Superintendent says families were notified; phone and internet...
November 06, 2025 08:00 AM
SOC Prime Announces Strategic Funding Round to Advance AI-Driven Cybersecurity
Boston-based SOC Prime, a cybersecurity firm known for its AI-native detection intelligence platform, has secured a new round of strategic...
November 03, 2025 08:00 AM
Healey wants mandatory reporting of municipal cyberattacks. 2 Cape towns hit in January.
Cities and towns would be required under a plan from Gov. Maura Healey to let the state know of any cybersecurity incidents like hacks and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
CB CyberSecurity History Information
Official Website of City of Boston
The official website of City of Boston is http://boston.gov.
City of Boston’s AI-Generated Cybersecurity Score
According to Rankiteo, City of Boston’s AI-generated cybersecurity score is 702, reflecting their Moderate security posture.
How many security badges does City of Boston’ have ?
According to Rankiteo, City of Boston currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does City of Boston have SOC 2 Type 1 certification ?
According to Rankiteo, City of Boston is not certified under SOC 2 Type 1.
Does City of Boston have SOC 2 Type 2 certification ?
According to Rankiteo, City of Boston does not hold a SOC 2 Type 2 certification.
Does City of Boston comply with GDPR ?
According to Rankiteo, City of Boston is not listed as GDPR compliant.
Does City of Boston have PCI DSS certification ?
According to Rankiteo, City of Boston does not currently maintain PCI DSS compliance.
Does City of Boston comply with HIPAA ?
According to Rankiteo, City of Boston is not compliant with HIPAA regulations.
Does City of Boston have ISO 27001 certification ?
According to Rankiteo,City of Boston is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of City of Boston
City of Boston operates primarily in the Government Administration industry.
Number of Employees at City of Boston
City of Boston employs approximately 4,488 people worldwide.
Subsidiaries Owned by City of Boston
City of Boston presently has no subsidiaries across any sectors.
City of Boston’s LinkedIn Followers
City of Boston’s official LinkedIn profile has approximately 56,463 followers.
NAICS Classification of City of Boston
City of Boston is classified under the NAICS code 92, which corresponds to Public Administration.
City of Boston’s Presence on Crunchbase
Yes, City of Boston has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/city-of-boston.
City of Boston’s Presence on LinkedIn
Yes, City of Boston maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/city-of-boston.
Cybersecurity Incidents Involving City of Boston
As of December 04, 2025, Rankiteo reports that City of Boston has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
City of Boston has an estimated 11,354 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at City of Boston ?
Incident Types: The types of cybersecurity incidents that have occurred include .
Additional Questions
.png)
Latest Global CVEs (Not Company-Specific)
Description
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
Risk Information
cvss3
Base: 6.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Description
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
Description
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Description
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Risk Information
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=city-of-boston' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
