Company Details
us-census-bureau
11,969
63,325
92
census.gov
0
U.S_1398862
In-progress

U.S. Census Bureau Company CyberSecurity Posture
census.govThe Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html
Company Details
us-census-bureau
11,969
63,325
92
census.gov
0
U.S_1398862
In-progress
Between 750 and 799

UCB Global Score (TPRM)XXXX

Description: United States Census Bureau fell victim to a cyberattack in January 2020 that was traced back to a Citrix vulnerability. The attackers managed to breach the internal network used to manage the agency’s remote workers but the automated firewall blocked communications with the attacker’s command and control servers. No census information or data was accessed by the attackers as the backdoor was discovered and removed.


No incidents recorded for U.S. Census Bureau in 2025.
No incidents recorded for U.S. Census Bureau in 2025.
No incidents recorded for U.S. Census Bureau in 2025.
UCB cyber incidents detection timeline including parent company and subsidiaries

The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html


Region Midtjyllands mål er at skabe sundhed, trivsel, vækst og velstand for regionens 1,3 millioner borgere. Vi er cirka 30.000 kolleger, der er fælles om at sikre helhed og sammenhæng for patienter, brugere og borgere i regionen. Det gælder lige fra at tilbyde den bedste behandling her og nu til

Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation

State government is the largest employer in Tennessee, with approximately 43,500 employees in the three branches of government. The State of Tennessee has approximately 1,300 different job classifications in areas such as administrative, health services, historic preservation, legal, agriculture, co

The Brazilian Institute of Geography and Statistics or IBGE (Portuguese: Instituto Brasileiro de Geografia e Estatística), is the agency responsible for statistical, geographic, cartographic, geodetic and environmental information in Brazil. The IBGE performs a national census every ten years, and t

Rijkswaterstaat is de uitvoeringsorganisatie van het Ministerie van Infrastructuur en Waterstaat. We beheren en ontwikkelen de rijkswegen, -vaarwegen en –wateren en zetten in op een duurzame leefomgeving. Samen met andere organisaties werken we aan een land dat beschermd is tegen overstromingen. Wa

MINISTRY of ENVIRONMENT and URBANISM (MEU) MAIN SERVICE UNITS ================== 1) General Directorate of Construction Works 2) General Directorate of Spatial Planning 3) General Directorate of Environmental Management 4) General Directorate of EIA, Permits and Control 5) General Directo

The Government of Canada works on behalf of Canadians, both at home and abroad. Visit www.Canada.ca to learn more. Canada’s professional, non-partisan public service is among the best in the world, and many of its departments and agencies place in Canada’s Top 100 Employers year after year. If you

Work With Purpose. Shape Seattle. Inspire the World. Seattle is more than a world-class city — it’s a vibrant, evolving community rooted in shared values of sustainability, innovation, and inclusion. As a public employer, the City of Seattle is committed to building a city that works for everyone —

O Instituto Nacional do Seguro Social (INSS) é uma autarquia do Governo Federal do Brasil que recebe as contribuições para a manutenção do Regime Geral da Previdência Social, sendo responsável pelo pagamento da aposentadoria, pensão por morte, auxílio-doença, auxílio-acidente, entre outros benefício
.png)
In the intricate world of data privacy and federal statistics, a Republican-backed proposal is stirring significant debate among...
The financial world finds itself adrift on October 10, 2025, as a sophisticated and unprecedented cyberattack has crippled the United...
Beau Houser serves as the Chief Information Security Officer (CISO) for the US Census Bureau where he leads the agency's cybersecurity program.
Josh Williams helps clients assess and manage the impact of US economic sanctions and export controls on their global operations.
The first United States Census was taken at the dawn of the nation in 1790, under George Washington's presidency and then-Secretary of State...
The 2030 census program could encounter multiple issues, which are likely to influence the design and implementation of the population...
Gunnison Consulting Group has secured a five-year contract from the State Department to provide cybersecurity support services for the Bureau of Consular...
In August, the not seasonally adjusted monthly unemployment rate increased from 4.2% to 4.3%. Total nonfarm employment increased by 200 jobs in the...
Cybercriminals register fake US Census Bureau domains to dupe unsuspecting citizens to provide personal information and install malware, the FBI warns.

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of U.S. Census Bureau is http://www.census.gov.
According to Rankiteo, U.S. Census Bureau’s AI-generated cybersecurity score is 776, reflecting their Fair security posture.
According to Rankiteo, U.S. Census Bureau currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, U.S. Census Bureau is not certified under SOC 2 Type 1.
According to Rankiteo, U.S. Census Bureau does not hold a SOC 2 Type 2 certification.
According to Rankiteo, U.S. Census Bureau is not listed as GDPR compliant.
According to Rankiteo, U.S. Census Bureau does not currently maintain PCI DSS compliance.
According to Rankiteo, U.S. Census Bureau is not compliant with HIPAA regulations.
According to Rankiteo,U.S. Census Bureau is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
U.S. Census Bureau operates primarily in the Government Administration industry.
U.S. Census Bureau employs approximately 11,969 people worldwide.
U.S. Census Bureau presently has no subsidiaries across any sectors.
U.S. Census Bureau’s official LinkedIn profile has approximately 63,325 followers.
U.S. Census Bureau is classified under the NAICS code 92, which corresponds to Public Administration.
No, U.S. Census Bureau does not have a profile on Crunchbase.
Yes, U.S. Census Bureau maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/us-census-bureau.
As of December 19, 2025, Rankiteo reports that U.S. Census Bureau has experienced 1 cybersecurity incidents.
U.S. Census Bureau has an estimated 11,745 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with automated firewall blocked communications, containment measures with backdoor discovered and removed..
Title: United States Census Bureau Cyberattack
Description: The United States Census Bureau fell victim to a cyberattack in January 2020 that was traced back to a Citrix vulnerability. The attackers managed to breach the internal network used to manage the agency’s remote workers but the automated firewall blocked communications with the attacker’s command and control servers. No census information or data was accessed by the attackers as the backdoor was discovered and removed.
Date Detected: January 2020
Type: Cyberattack
Attack Vector: Network Intrusion
Vulnerability Exploited: Citrix Vulnerability
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Citrix Vulnerability.

Systems Affected: Internal network for remote workers

Entity Name: United States Census Bureau
Entity Type: Government Agency
Industry: Government
Location: United States

Containment Measures: Automated firewall blocked communicationsBackdoor discovered and removed
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by automated firewall blocked communications, backdoor discovered and removed and .

Entry Point: Citrix Vulnerability
Backdoors Established: ['Backdoor discovered and removed']

Root Causes: Citrix Vulnerability,
Most Recent Incident Detected: The most recent incident detected was on January 2020.
Most Significant System Affected: The most significant system affected in an incident was Internal network for remote workers.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Automated firewall blocked communicationsBackdoor discovered and removed.
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Citrix Vulnerability.
.png)
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.

Get company history
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.