Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
United States Federal Government

United States Federal Government Vendor Cyber Rating & Cyber Score

usa.gov

The federal government of the United States (U.S. federal government) is the national government of the United States, a federal republic in North America, composed of 50 states, a federal district, five major self-governing territories and several island possessions. The federal government is composed of three distinct branches: legislative, executive and judicial, whose powers are vested by the U.S. Constitution in the Congress, the president and the federal courts, respectively. The powers and duties of these branches are further defined by acts of Congress, including the creation of executive departments and courts inferior to the Supreme Court.


USFG A.I CyberSecurity Scoring

USFG
Company Information
Website:https://www.usa.gov
Employees number:4,300
Number of followers:10,486
NAICS:92
Industry Type:Government Administration
Homepage:usa.gov
USFG Risk Score (AI oriented)
Between 0 and 549
logo
USFGGovernment Administration
Updated:
05/05/2026
307/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
USFG Global Score (TPRM)
xxxx
logo
USFGGovernment Administration
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

USFG
USFGCritical
Current Score
307C (CRITICAL)
01000
5 incidents
-20 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
331Before Incident
JUNE 2026
316Before Incident
MAY 2026
307Before Incident
APRIL 2026
297Before Incident
MARCH 2026
293Before Incident
FEBRUARY 2026
282Before Incident
JANUARY 2026
276Before Incident
DECEMBER 2025
262Before Incident
NOVEMBER 2025
251Before Incident
OCTOBER 2025
248Before Incident
SEPTEMBER 2025
258Before Incident
Cyber Attack
29 Sep 2025USFG
U.S. Federal Government (Representative Moolenaar's office and associated entities)

APT41 Impersonation Attack Targeting Representative Moolenaar During U.S.-China Trade Talks

238After Incident
HIGH-20
UNI1153111110725
APT41, a state-sponsored advanced persistent threat group linked to China, impersonated Representative Moolenaar via a spear-phishing email targeting trade groups and law firms during U.S.-China trade negotiations. The attack involved a malicious draft proposal attachment soliciting input, exploiting recipients' trust in Moolenaar’s authority to gather strategic insights, policy feedback, and potentially sensitive trade-related intelligence. The emotional manipulation—leveraging flattery and perceived exclusivity—heightened the attack’s credibility. While no explicit data breach (e.g., financial or PII theft) was confirmed, the operation aimed to compromise confidential trade discussions, undermining U.S. negotiation leverage. The incident underscored vulnerabilities in federal email security, particularly against AI-enhanced impersonation attacks, and highlighted gaps in BOD 18-01 compliance (SPF/DKIM/DMARC) and zero-trust adoption. The attack’s timing and targeting of high-profile stakeholders elevated risks of geopolitical espionage and reputational damage to U.S. trade policy integrity.
INCIDENT DETAILS -
TYPE
PhishingImpersonationSocial EngineeringEspionage
MOTIVATION
EspionageIntelligence Gathering on U.S.-China Trade TalksExploiting Geopolitical Tensions
IMPACT
Potential Intelligence on Trade NegotiationsRecipient Input/Feedback on Draft ProposalsPotential Compromise of Trade StrategyErosion of Trust in Email CommunicationsUndermined Trust in Government Email CommunicationsHighlighted Vulnerabilities in Federal Email Security
DATA BREACH
Strategic Trade Negotiation InsightsStakeholder Feedback on Draft ProposalsSensitivity Of Data: High (Geopolitical and Economic Sensitivity)Data Exfiltration: Likely (Intelligence Gathering)Draft Proposal Documents (Malicious Attachment)
AUGUST 2025
249Before Incident
JULY 2025
756Before Incident
Ransomware
01 Jul 2025USFG
Government 911 Emergency System: Latvian Cybercriminal Jailed for Role in Multi-Million Dollar Ransomware Scheme

Latvian Cybercriminal Sentenced for Role in Major Ransomware Operation

229After Incident
CRITICAL-527
UNI1777983923
Latvian Cybercriminal Sentenced for Role in Major Ransomware Operation A Latvian national, Deniss Zolotarjovs, has been sentenced to 102 months in prison for his involvement in a Russian-linked ransomware syndicate that targeted over 54 companies worldwide between June 2021 and August 2023. The sentencing, announced by the U.S. Department of Justice, marks a key victory in dismantling international cybercrime networks. Zolotarjovs played a central role in the group’s extortion operations, which operated under multiple ransomware brands, including Conti, Karakurt, Royal, TommyLeaks, SchoolBoys Ransomware, and Akira. His primary responsibility was escalating pressure on victims who resisted ransom demands by analyzing stolen data and leveraging sensitive information to force compliance. In one case, he exploited children’s health records from a pediatric healthcare provider, threatening to leak or sell the data if payments were not made. Court documents reveal he distributed sensitive records to hundreds of patients to amplify fear. The financial impact of the group’s attacks was severe. 13 companies reported losses exceeding $56 million, including $2.8 million in ransom payments, while 41 additional victims are believed to have paid around $13 million. Authorities estimate the total financial damage could reach hundreds of millions, factoring in underreported incidents. Beyond monetary losses, the attacks exposed Social Security numbers, healthcare records, and personal data, with one incident disabling a government 911 emergency system, raising public safety concerns. The ransomware operation functioned as a highly organized criminal enterprise, with members based primarily in Russia, including an office in St. Petersburg. Investigators found the group used shell companies across Russia, Europe, and the U.S. to obscure its activities. Some members had ties to former Russian law enforcement, enabling access to databases, intimidation tactics, and recruitment efforts while evading scrutiny through bribes and corruption. Zolotarjovs was arrested in Georgia in December 2023 and extradited to the U.S. in August 2024 after contesting the process. In July 2025, he pleaded guilty to conspiracy to commit money laundering and wire fraud. The case was led by the FBI, with support from international partners, underscoring law enforcement’s cross-border efforts to track cybercriminals. Authorities continue to investigate related actors and networks as part of broader efforts to disrupt global ransomware operations. The sentencing highlights the persistent threat posed by such groups to businesses and critical infrastructure.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain, data extortion
IMPACT
Financial Loss: $56 million (reported by 13 companies) + ~$13 million (estimated from 41 additional victims)Data Compromised: Social Security numbers, healthcare records, personal data, children’s health recordsSystems Affected: Government 911 emergency system, corporate systemsOperational Impact: Disabled 911 emergency system, disrupted business operationsIdentity Theft Risk: High (exposure of Social Security numbers and personal data)
DATA BREACH
Social Security numbershealthcare recordspersonal datachildren’s health recordsNumber Of Records Exposed: Hundreds (pediatric healthcare provider case)Sensitivity Of Data: HighData Exfiltration: YesPersonally Identifiable Information: Yes
JANUARY 2025
754Before Incident
Breach
01 Jan 2025USFG
Tencent, MySpace, Twitter, Weibo, Canva, Adobe, Deezer, AdultFriendFinder, U.S. Government and Brazil Government: The 12-Terabyte Ghost: How a Record-Shattering Data Leak Is Arming a New Generation of Cyberattacks

Mother of All Breaches (MOAB)

489After Incident
CRITICAL-265
TENMYSTWITENCANADODEEFRIUNIBRA1769520245
The "Mother of All Breaches": 26 Billion Records Exposed in Unprecedented Data Leak Security researchers have uncovered what may be the largest compilation of stolen credentials in history a 12-terabyte database dubbed the "Mother of All Breaches" (MOAB), containing 26 billion records from thousands of prior data leaks. Discovered by researcher Bob Dyachenko of SecurityDiscovery.com in collaboration with Cybernews, the dataset was found on an open, publicly accessible server, though its owner remains unknown. Unlike a single hack, the MOAB is a "compilation of breaches" (COB), aggregating credentials from major platforms, including: - 1.5 billion records from Tencent - 504 million from Weibo - 360 million from MySpace - 281 million from Twitter (X) - Millions more from LinkedIn, Adobe, Canva, Deezer, AdultFriendFinder, and others The dataset also includes records from government organizations in the U.S., Brazil, Germany, the Philippines, and Turkey, amplifying risks for both individuals and enterprises. ### Why This Breach Is a Game-Changer The MOAB’s danger lies in its consolidation and accessibility. Instead of scattered leaks, attackers now have a single, searchable repository for credential stuffing, phishing, and targeted attacks. While many passwords are outdated, the sheer volume ensures some will still work especially given widespread password reuse. Worse, experts warn the dataset may include fresh data from infostealer malware, which harvests current credentials, browser cookies, and autofill details. This hybrid threat combining historical breaches with live infections creates a highly effective tool for cybercriminals, from low-level fraudsters to initial access brokers (IABs) selling corporate network access to ransomware gangs. ### The Fallout: A New Era of Cyber Risk The MOAB’s impact extends beyond individuals. Corporate and government networks are at heightened risk due to employees reusing passwords across personal and work accounts. A single compromised credential could provide attackers with a foothold for devastating intrusions. Security experts emphasize that password-only authentication is now obsolete against such a vast dataset. The breach underscores the urgent need for multi-factor authentication (MFA), particularly phishing-resistant methods like FIDO2 security keys. Continuous monitoring of credentials against breach databases is also critical. With the data now in the wild, the MOAB will fuel cyberattacks for years, marking a sobering shift in the threat landscape. The leak serves as a stark reminder: once exposed, data never truly disappears it only becomes more dangerous.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Credential harvesting, cybercrime, initial access brokerage
IMPACT
Data Compromised: 26 billion recordsOperational Impact: Heightened risk of credential stuffing, phishing, and targeted attacksBrand Reputation Impact: Potential reputational damage for affected platformsIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Credentials, personally identifiable information, browser cookies, autofill detailsNumber Of Records Exposed: 26 billionSensitivity Of Data: High (includes PII, government data, and potential fresh infostealer malware data)Personally Identifiable Information: Yes
Breach
01 Jan 2025USFG
Experian, Equifax, U.S. Government and Internal Revenue Service: Social Security data breach raises identity theft risk for millions

Unauthorized Social Security Data Access Raises Identity Theft Risks for Millions

489After Incident
CRITICAL-265
EXPEQUUNIIRS1769265453
Unauthorized Social Security Data Access Raises Identity Theft Risks for Millions The Trump administration recently acknowledged in a court filing that U.S. agents accessed and shared sensitive Social Security data without authorization, following whistleblower allegations and a lawsuit claiming the information was misused for political purposes. While the full scope of the exposure remains unclear, cybersecurity and privacy experts warn that the breach underscores a persistent threat: Social Security numbers (SSNs) are among the most valuable tools for identity thieves, enabling fraud that often goes undetected until financial or tax-related damage occurs. Experts emphasize that even limited exposure of SSNs can lead to severe consequences, including fraudulent credit applications, tax refund theft, medical identity theft, and unauthorized account takeovers. Criminals may use stolen data to file bogus insurance claims, manipulate medical records, or open new financial accounts activity that may not appear on traditional credit reports. Former federal prosecutor and privacy advocate Loewry noted that financial crimes rarely originate from credit reports, making proactive monitoring of bank, investment, and retirement accounts critical. To mitigate risks, experts recommend several immediate steps: - Freezing credit at all three major bureaus (Equifax, Experian, TransUnion) and the National Consumer Telecom & Utilities Exchange (NCTUE), which is used for telecom and utility approvals. - Establishing an online Social Security account to prevent criminals from redirecting benefit payments. - Obtaining an IRS Identity Protection PIN to block fraudulent tax filings. - Enabling two-factor authentication on financial and online accounts. - Monitoring the dark web for signs of exposed personal data, such as SSNs or email addresses. The breach highlights broader vulnerabilities in how SSNs are stored and accessed, with experts advising consumers not to wait for confirmation of exposure before taking protective measures. Given the long-term risks including fraud that may surface years after initial exposure vigilance across all financial and medical accounts is essential.
INCIDENT DETAILS -
TYPE
Data Breach
MOTIVATION
Political misuse (alleged)
IMPACT
Data Compromised: Social Security numbers (SSNs)Brand Reputation Impact: Potential reputational damage to U.S. government agenciesLegal Liabilities: Lawsuit and regulatory scrutinyIdentity Theft Risk: High (fraudulent credit applications, tax refund theft, medical identity theft, account takeovers)
DATA BREACH
Type Of Data Compromised: Social Security numbers (SSNs)Sensitivity Of Data: High (PII)Personally Identifiable Information: SSNs, potential financial and medical data
NOVEMBER 2022
769Before Incident
Cyber Attack
01 Nov 2022USFG
United States Federal Government

U.S. Federal Network Cyberattack

743After Incident
CRITICAL-26
UNI1045221122
The U.S. Cybersecurity Infrastructure and Security Agency discovered a potential cyberattack on the U.S. Federal network, in which attackers have taken control of the organization's DC and used cryptominers and credential harvesters. The attack, according to CISA, was started by hackers supported by the Iranian government who installed the XMRig crypto mining software, moved laterally to the domain controller (DC), stole passwords, and then placed Ngrok reverse proxies on a number of sites to ensure persistence. With the aid of EINSTEIN, an intrusion detection system deployed across the FCEB, CISA conducts a routine investigation and suspected harmful APT activity on the FCEB network (IDS).
INCIDENT DETAILS -
TYPE
Cyberattack
MOTIVATION
Cryptocurrency miningCredential theft
IMPACT
Domain Controller (DC)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for USFG ?
?
What was USFG's A.I Rankiteo Cyber Score in June 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in May 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in April 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in March 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in February 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in January 2026 ?
?
What was USFG's A.I Rankiteo Cyber Score in December 2025 ?
?
What was USFG's A.I Rankiteo Cyber Score in November 2025 ?
?
What was USFG's A.I Rankiteo Cyber Score in October 2025 ?
?
What was USFG's A.I Rankiteo Cyber Score in September 2025 ?
?
What was USFG's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on USFG's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with USFG ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view USFG's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?