FCENUT
Company Details
Linkedin ID:
fincen
Website:
Employees number:
600
Number of followers:
48,519
NAICS:
92
Industry Type:
Homepage:
fincen.gov
IP Addresses:
0
Company ID:
FIN_1892900
Scan Status:
In-progress
Financial Crimes Enforcement Network, US Treasury Company CyberSecurity Posture
fincen.gov
Official LinkedIn account of the Financial Crimes Enforcement Network, a U.S. Treasury bureau. Learn more at www.fincen.gov
Financial Crimes Enforcement Network, US Treasury A.I CyberSecurity Scoring
FCENUT Risk Score (AI oriented)Between 700 and 749
FCENUT
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
FCENUT Global Score (TPRM)XXXX
FCENUT
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
FCENUT Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Treasury
Cyber Attack
Rankiteo Explanation
Attack threatening the organization’s existence
Description: The Treasury was targeted in a sophisticated cyber-attack conducted by a group linked to Chinese nationals. This attack, part of a campaign that affected over 100 US organizations, compromised IT systems including management software. The severity of the intrusion led to significant damage, with the Treasury experiencing a breach of sensitive data critical to national security and economic stability. The scope and sophistication of the attack indicate a threat to both internal operations and potentially, broader national interests.
FCENUT Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for FCENUT
Incidents vs Government Administration Industry Average (This Year)
Financial Crimes Enforcement Network, US Treasury has 53.85% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Financial Crimes Enforcement Network, US Treasury has 56.25% more incidents than the average of all companies with at least one recorded incident.
Incident Types FCENUT vs Government Administration Industry Avg (This Year)
Financial Crimes Enforcement Network, US Treasury reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Incident History — FCENUT (X = Date, Y = Severity)
FCENUT cyber incidents detection timeline including parent company and subsidiaries
FCENUT Company Subsidiaries
Official LinkedIn account of the Financial Crimes Enforcement Network, a U.S. Treasury bureau. Learn more at www.fincen.gov
Loading...
FCENUT Similar Companies
Social Security Administration
Social Security provides financial protection for our nation’s people, supporting more than 64 million individuals and families. With retirement, disability, and survivors benefits, Social Security is one of the most successful anti-poverty programs in our nation's history. We are there throughout
City of Houston
Home to a respected and energetic cultural arts scene, celebrated restaurants featuring flavors from 35 countries, world-renowned theater groups and the brains behind U.S. space exploration, Houston is a diverse metropolis brimming with personality. With nearly 21,000 concerts, plays, exhibition
GSA
General Services Administration (GSA) is an independent agency of the United States government established in 1949 to help manage and support the basic functioning of federal agencies. Our organization includes the Public Buildings Service (PBS), Federal Acquisition Service (FAS), and a variety of S
State of Michigan
Every day the contributions and achievements of State of Michigan employees have a direct impact on over 10 million Michiganders across the state. If you're looking for a fulfilling career in state government that can make a real difference in the lives of others, you can find your place working wit
Correios
Empresa Brasileira de Correios e Telégrafos foi criada como empresa em 1969 por decreto lei. Hoje conta com mais de 100.000 empregados, tem presença em todos os municípios do Brasil. NEGÓCIO: Soluções que aproximam. MISSÃO: Fornecer soluções acessíveis e confiáveis para conectar pessoas, institu
Internal Revenue Service
Welcome to the Internal Revenue Service’s official LinkedIn account. Here, you will find the latest and greatest news and updates for taxpayers to help them understand and meet their tax responsibilities. Also, this is a place to learn about a meaningful career with the IRS. Check out the tabs above
Official LinkedIn page for the state of Oregon. Oregon is a state in the Pacific Northwest region of the United States. It is located on the Pacific coast, with Washington to the north, California to the south, Nevada on the southeast and Idaho to the east. The Columbia and Snake rivers delineate mu
FDA
The Food and Drug Administration is an agency within the Department of Health and Human Services. The FDA is responsible for protecting the public health by ensuring the safety, efficacy, and security of human and veterinary drugs, biological products, and medical devices; and by ensuring the safet
Government of Alberta
Work with the Alberta government to build a stronger province for current and future generations. We offer diverse and rewarding employment opportunities in an environment that encourages continuous learning and career growth. We are one of the largest employers in Alberta with over 27,000 empl
.png)
FCENUT CyberSecurity News
November 12, 2025 08:00 AM
Fraud and Scam Prevention Series: Navigating Increasingly Sophisticated Cybersecurity Threat and Fraud Tactics
Cybersecurity risks are evolving, in part because bad actors – including scammers and fraudsters – are leveraging widely available...
October 30, 2025 07:00 AM
2026 banking and capital markets outlook
2026 is pivotal for US banks as they navigate macro headwinds, stablecoin disruption, scaling AI, fragmented data, and financial crime.
October 16, 2025 07:00 AM
Speakers | Elder Fraud Prevention Summit
Andrea Higgens, Inspector, Elder Protection Unit, San Mateo County District Attorney's Office. Andrea Higgens is a criminal elder and...
October 10, 2025 07:00 AM
NDAA calls for Treasury-led report on AI to fight money laundering
Sen. Ruben Gallego, D-Ariz., wants the Financial Crimes Enforcement Network and other financial regulators to assess the effectiveness of AI...
September 29, 2025 07:00 AM
FinCEN seeks to lighten the regulatory load on casinos
Regulatory relief from anti-money laundering rules is in the cards for casinos, insurance companies and other non-bank financial...
September 10, 2025 07:00 AM
Treasury Sanctions Southeast Asian Networks Targeting Americans with Cyber Scams
The Department of the Treasury's Office of Foreign Assets Control (OFAC) has implemented sanctions against large network of scam centers...
August 28, 2025 07:00 AM
FinCEN again delays U.S. ban on three Mexican financial institutions
The order barring three Mexican financial institutions from doing business with U.S. financial institutions has been delayed until October.
August 19, 2025 07:00 AM
Credit Union Artificial Intelligence (AI) Resources
NCUA resources that can be referenced when evaluating or performing due diligence on third-party vendors that provide artificial...
August 08, 2025 07:00 AM
A Closer Look at the Trump Administration’s Comprehensive Report on Digital Assets
The Trump administration's Working Group on Digital Asset Markets has released a comprehensive report outlining some 100 policy and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
FCENUT CyberSecurity History Information
Official Website of Financial Crimes Enforcement Network, US Treasury
The official website of Financial Crimes Enforcement Network, US Treasury is https://www.fincen.gov.
Financial Crimes Enforcement Network, US Treasury’s AI-Generated Cybersecurity Score
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury’s AI-generated cybersecurity score is 743, reflecting their Moderate security posture.
How many security badges does Financial Crimes Enforcement Network, US Treasury’ have ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Financial Crimes Enforcement Network, US Treasury have SOC 2 Type 1 certification ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury is not certified under SOC 2 Type 1.
Does Financial Crimes Enforcement Network, US Treasury have SOC 2 Type 2 certification ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury does not hold a SOC 2 Type 2 certification.
Does Financial Crimes Enforcement Network, US Treasury comply with GDPR ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury is not listed as GDPR compliant.
Does Financial Crimes Enforcement Network, US Treasury have PCI DSS certification ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury does not currently maintain PCI DSS compliance.
Does Financial Crimes Enforcement Network, US Treasury comply with HIPAA ?
According to Rankiteo, Financial Crimes Enforcement Network, US Treasury is not compliant with HIPAA regulations.
Does Financial Crimes Enforcement Network, US Treasury have ISO 27001 certification ?
According to Rankiteo,Financial Crimes Enforcement Network, US Treasury is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Financial Crimes Enforcement Network, US Treasury
Financial Crimes Enforcement Network, US Treasury operates primarily in the Government Administration industry.
Number of Employees at Financial Crimes Enforcement Network, US Treasury
Financial Crimes Enforcement Network, US Treasury employs approximately 600 people worldwide.
Subsidiaries Owned by Financial Crimes Enforcement Network, US Treasury
Financial Crimes Enforcement Network, US Treasury presently has no subsidiaries across any sectors.
Financial Crimes Enforcement Network, US Treasury’s LinkedIn Followers
Financial Crimes Enforcement Network, US Treasury’s official LinkedIn profile has approximately 48,519 followers.
NAICS Classification of Financial Crimes Enforcement Network, US Treasury
Financial Crimes Enforcement Network, US Treasury is classified under the NAICS code 92, which corresponds to Public Administration.
Financial Crimes Enforcement Network, US Treasury’s Presence on Crunchbase
No, Financial Crimes Enforcement Network, US Treasury does not have a profile on Crunchbase.
Financial Crimes Enforcement Network, US Treasury’s Presence on LinkedIn
Yes, Financial Crimes Enforcement Network, US Treasury maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/fincen.
Cybersecurity Incidents Involving Financial Crimes Enforcement Network, US Treasury
As of December 03, 2025, Rankiteo reports that Financial Crimes Enforcement Network, US Treasury has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Financial Crimes Enforcement Network, US Treasury has an estimated 11,264 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Financial Crimes Enforcement Network, US Treasury ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Incident Details
Can you provide details on each incident ?
Title: Sophisticated Cyber-Attack on the Treasury
Description: The Treasury was targeted in a sophisticated cyber-attack conducted by a group linked to Chinese nationals. This attack, part of a campaign that affected over 100 US organizations, compromised IT systems including management software. The severity of the intrusion led to significant damage, with the Treasury experiencing a breach of sensitive data critical to national security and economic stability. The scope and sophistication of the attack indicate a threat to both internal operations and potentially, broader national interests.
Type: Cyber-Attack
Threat Actor: Group linked to Chinese nationals
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyber-Attack FIN132030625
Data Compromised: Sensitive data critical to national security and economic stability
Systems Affected: IT systemsManagement software
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Sensitive data critical to national security and economic stability.
Which entities were affected by each incident ?
Incident : Cyber-Attack FIN132030625
Entity Name: The Treasury
Entity Type: Government
Industry: Public Sector
Location: United States
Data Breach Information
What type of data was compromised in each breach ?
Incident : Cyber-Attack FIN132030625
Type of Data Compromised: Sensitive data critical to national security and economic stability
Sensitivity of Data: High
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Group linked to Chinese nationals.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Sensitive data critical to national security and economic stability and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was IT systemsManagement software.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Sensitive data critical to national security and economic stability.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=fincen' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
