UCB
Company Details
Linkedin ID:
us-census-bureau
Website:
Employees number:
11,969
Number of followers:
63,325
NAICS:
92
Industry Type:
Homepage:
census.gov
IP Addresses:
0
Company ID:
U.S_1398862
Scan Status:
In-progress
U.S. Census Bureau Company CyberSecurity Posture
census.gov
The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html
U.S. Census Bureau A.I CyberSecurity Scoring
UCB Risk Score (AI oriented)Between 750 and 799
UCB
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
UCB Global Score (TPRM)XXXX
UCB
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
UCB Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
U.S. Census Bureau
Cyber Attack
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: United States Census Bureau fell victim to a cyberattack in January 2020 that was traced back to a Citrix vulnerability. The attackers managed to breach the internal network used to manage the agency’s remote workers but the automated firewall blocked communications with the attacker’s command and control servers. No census information or data was accessed by the attackers as the backdoor was discovered and removed.
UCB Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for UCB
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for U.S. Census Bureau in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for U.S. Census Bureau in 2025.
Incident Types UCB vs Government Administration Industry Avg (This Year)
No incidents recorded for U.S. Census Bureau in 2025.
Incident History — UCB (X = Date, Y = Severity)
UCB cyber incidents detection timeline including parent company and subsidiaries
UCB Company Subsidiaries
The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html
Loading...
UCB Similar Companies
Region Midtjylland
Region Midtjyllands mål er at skabe sundhed, trivsel, vækst og velstand for regionens 1,3 millioner borgere. Vi er cirka 30.000 kolleger, der er fælles om at sikre helhed og sammenhæng for patienter, brugere og borgere i regionen. Det gælder lige fra at tilbyde den bedste behandling her og nu til
South African Revenue Service (SARS)
Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation
State of Tennessee
State government is the largest employer in Tennessee, with approximately 43,500 employees in the three branches of government. The State of Tennessee has approximately 1,300 different job classifications in areas such as administrative, health services, historic preservation, legal, agriculture, co
IBGE
The Brazilian Institute of Geography and Statistics or IBGE (Portuguese: Instituto Brasileiro de Geografia e Estatística), is the agency responsible for statistical, geographic, cartographic, geodetic and environmental information in Brazil. The IBGE performs a national census every ten years, and t
Rijkswaterstaat
Rijkswaterstaat is de uitvoeringsorganisatie van het Ministerie van Infrastructuur en Waterstaat. We beheren en ontwikkelen de rijkswegen, -vaarwegen en –wateren en zetten in op een duurzame leefomgeving. Samen met andere organisaties werken we aan een land dat beschermd is tegen overstromingen. Wa
Ministry of Environment and Urbanism
MINISTRY of ENVIRONMENT and URBANISM (MEU) MAIN SERVICE UNITS ================== 1) General Directorate of Construction Works 2) General Directorate of Spatial Planning 3) General Directorate of Environmental Management 4) General Directorate of EIA, Permits and Control 5) General Directo
Government of Canada
The Government of Canada works on behalf of Canadians, both at home and abroad. Visit www.Canada.ca to learn more. Canada’s professional, non-partisan public service is among the best in the world, and many of its departments and agencies place in Canada’s Top 100 Employers year after year. If you
City of Seattle
Work With Purpose. Shape Seattle. Inspire the World. Seattle is more than a world-class city — it’s a vibrant, evolving community rooted in shared values of sustainability, innovation, and inclusion. As a public employer, the City of Seattle is committed to building a city that works for everyone —
INSS
O Instituto Nacional do Seguro Social (INSS) é uma autarquia do Governo Federal do Brasil que recebe as contribuições para a manutenção do Regime Geral da Previdência Social, sendo responsável pelo pagamento da aposentadoria, pensão por morte, auxílio-doença, auxílio-acidente, entre outros benefício
.png)
UCB CyberSecurity News
October 29, 2025 07:00 AM
Republican Proposal Aims to Eliminate Differential Privacy in US Census Data
In the intricate world of data privacy and federal statistics, a Republican-backed proposal is stirring significant debate among...
October 10, 2025 07:00 AM
The Great Data Drought: Cyberattack Cripples US Economic Reporting, Plunging Markets into Unprecedented Uncertainty on October 10, 2025
The financial world finds itself adrift on October 10, 2025, as a sophisticated and unprecedented cyberattack has crippled the United...
September 23, 2025 07:00 AM
Beau Houser
Beau Houser serves as the Chief Information Security Officer (CISO) for the US Census Bureau where he leads the agency's cybersecurity program.
June 09, 2025 07:00 AM
Joshua Williams
Josh Williams helps clients assess and manage the impact of US economic sanctions and export controls on their global operations.
May 07, 2025 07:00 AM
Every kid counts: Why the fight for a fair 2030 census matters more than ever
The first United States Census was taken at the dawn of the nation in 1790, under George Washington's presidency and then-Secretary of State...
December 05, 2024 08:00 AM
Census Bureau Identifies Seven Problems for Next Survey
The 2030 census program could encounter multiple issues, which are likely to influence the design and implementation of the population...
November 21, 2024 08:00 AM
Gunnison Awarded State Department Cybersecurity Support Contract
Gunnison Consulting Group has secured a five-year contract from the State Department to provide cybersecurity support services for the Bureau of Consular...
November 12, 2024 05:37 PM
Spokane County profile
In August, the not seasonally adjusted monthly unemployment rate increased from 4.2% to 4.3%. Total nonfarm employment increased by 200 jobs in the...
October 28, 2024 01:13 PM
FBI Warns of 63 Spoofed Domains Impersonating the US Census Bureau
Cybercriminals register fake US Census Bureau domains to dupe unsuspecting citizens to provide personal information and install malware, the FBI warns.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UCB CyberSecurity History Information
Official Website of U.S. Census Bureau
The official website of U.S. Census Bureau is http://www.census.gov.
U.S. Census Bureau’s AI-Generated Cybersecurity Score
According to Rankiteo, U.S. Census Bureau’s AI-generated cybersecurity score is 776, reflecting their Fair security posture.
How many security badges does U.S. Census Bureau’ have ?
According to Rankiteo, U.S. Census Bureau currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does U.S. Census Bureau have SOC 2 Type 1 certification ?
According to Rankiteo, U.S. Census Bureau is not certified under SOC 2 Type 1.
Does U.S. Census Bureau have SOC 2 Type 2 certification ?
According to Rankiteo, U.S. Census Bureau does not hold a SOC 2 Type 2 certification.
Does U.S. Census Bureau comply with GDPR ?
According to Rankiteo, U.S. Census Bureau is not listed as GDPR compliant.
Does U.S. Census Bureau have PCI DSS certification ?
According to Rankiteo, U.S. Census Bureau does not currently maintain PCI DSS compliance.
Does U.S. Census Bureau comply with HIPAA ?
According to Rankiteo, U.S. Census Bureau is not compliant with HIPAA regulations.
Does U.S. Census Bureau have ISO 27001 certification ?
According to Rankiteo,U.S. Census Bureau is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of U.S. Census Bureau
U.S. Census Bureau operates primarily in the Government Administration industry.
Number of Employees at U.S. Census Bureau
U.S. Census Bureau employs approximately 11,969 people worldwide.
Subsidiaries Owned by U.S. Census Bureau
U.S. Census Bureau presently has no subsidiaries across any sectors.
U.S. Census Bureau’s LinkedIn Followers
U.S. Census Bureau’s official LinkedIn profile has approximately 63,325 followers.
NAICS Classification of U.S. Census Bureau
U.S. Census Bureau is classified under the NAICS code 92, which corresponds to Public Administration.
U.S. Census Bureau’s Presence on Crunchbase
No, U.S. Census Bureau does not have a profile on Crunchbase.
U.S. Census Bureau’s Presence on LinkedIn
Yes, U.S. Census Bureau maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/us-census-bureau.
Cybersecurity Incidents Involving U.S. Census Bureau
As of December 19, 2025, Rankiteo reports that U.S. Census Bureau has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
U.S. Census Bureau has an estimated 11,745 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at U.S. Census Bureau ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.
How does U.S. Census Bureau detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with automated firewall blocked communications, containment measures with backdoor discovered and removed..
Incident Details
Can you provide details on each incident ?
Title: United States Census Bureau Cyberattack
Description: The United States Census Bureau fell victim to a cyberattack in January 2020 that was traced back to a Citrix vulnerability. The attackers managed to breach the internal network used to manage the agency’s remote workers but the automated firewall blocked communications with the attacker’s command and control servers. No census information or data was accessed by the attackers as the backdoor was discovered and removed.
Date Detected: January 2020
Type: Cyberattack
Attack Vector: Network Intrusion
Vulnerability Exploited: Citrix Vulnerability
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Citrix Vulnerability.
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyberattack USC13507522
Systems Affected: Internal network for remote workers
Which entities were affected by each incident ?
Incident : Cyberattack USC13507522
Entity Name: United States Census Bureau
Entity Type: Government Agency
Industry: Government
Location: United States
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Cyberattack USC13507522
Containment Measures: Automated firewall blocked communicationsBackdoor discovered and removed
Data Breach Information
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by automated firewall blocked communications, backdoor discovered and removed and .
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Cyberattack USC13507522
Entry Point: Citrix Vulnerability
Backdoors Established: ['Backdoor discovered and removed']
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Cyberattack USC13507522
Root Causes: Citrix Vulnerability,
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on January 2020.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Internal network for remote workers.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Automated firewall blocked communicationsBackdoor discovered and removed.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Citrix Vulnerability.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Risk Information
cvss3
Base: 4.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=us-census-bureau' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
