UDT A.I CyberSecurity Scoring
UDT
Company Information
Website: https://home.treasury.gov/
Employees number: 14,483
Number of followers: 155,402
NAICS: 92
Industry Type: Government Administration
Homepage: treasury.gov
UDT Risk Score (AI oriented)
Between 550 and 599
UDT, Government Administration
Updated: 02/04/2026
591/1000
Very Poor
Ca
Current Score: 591/1000, Ca (VERY POOR)
6 incidents
-19 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
602
JUNE 2026
602
MAY 2026
595
APRIL 2026
591
MARCH 2026
589
FEBRUARY 2026
587
JANUARY 2026
583
DECEMBER 2025
579
NOVEMBER 2025
575
OCTOBER 2025
571
SEPTEMBER 2025
566
AUGUST 2025
580
Cyber Attack
22 Aug 2025 • UDT
U.S. Treasury's Office of Foreign Assets Control (OFAC)
Murky Panda (Silk Typhoon) Exploits Trusted Cloud Relationships for Cyberespionage
561
CRITICAL-19
US-526082425
The Chinese state-sponsored hacking group Murky Panda (Silk Typhoon) exploited trusted cloud relationships and zero-day vulnerabilities to breach the U.S. Treasury’s Office of Foreign Assets Control (OFAC). By compromising a SaaS provider’s cloud environment, the attackers gained access to application registration secrets in Entra ID (formerly Azure AD), allowing them to authenticate as a legitimate service and infiltrate downstream networks. This enabled them to read sensitive emails, steal confidential government data, and maintain persistent access through backdoor accounts with escalated privileges.
The attack leveraged supply chain vulnerabilities, abusing delegated administrative privileges (DAP) granted to cloud providers, which allowed Murky Panda to move laterally across multiple tenants. Their use of custom malware (CloudedHope RAT), web shells (Neo-reGeorg, China Chopper), and compromised SOHO devices as proxies ensured stealthy, long-term access while evading detection. The breach posed a severe risk to national security, given OFAC’s role in enforcing economic sanctions and combating financial threats. The attackers’ operational security (OPSEC) measures, including log tampering and timestamp manipulation, further obscured forensic traces, amplifying the threat’s sophistication and impact.
MARCH 2025
627
Breach
01 Mar 2025 • UDT
US Treasury
Breach of US Treasury by Chinese Hackers
556
CRITICAL-71
US-000030825
The breach of the US Treasury by Chinese hackers, including 12 individuals indicted by the Department of Justice, resulted in significant data compromise. Over a three-month period, at least 400 PCs were infiltrated, leading to the theft of more than 3,000 files. This attack highlights the risk posed by autonomous state-sponsored hacking groups that target and steal sensitive information from high-profile international entities, selling it to government clients for strategic advantage.
JANUARY 2025
682
Breach
01 Jan 2025 • UDT
United States Treasury
United States Treasury Breach
621
CRITICAL-61
US-000011025
The United States Treasury suffered a 'major' breach when an Advanced Persistent Threat group, believed to be linked to the Chinese government, exploited flaws in BeyondTrust software. The attackers stole an authentication key, gaining access to department computers and managing to steal 'certain unclassified documents'. Although the stolen documents were unclassified, the breach's full extent and subsequent risks, such as exposure to financial manipulations and international diplomatic consequences, are still under assessment.
DECEMBER 2024
741
Breach
01 Dec 2024 • UDT
US Treasury Department
US Treasury Department Breach
680
CRITICAL-61
US-000010125
A breach in early December 2024 at the US Treasury Department involved remote access by hackers to Treasury computers, compromising certain unclassified documents. By exploiting vulnerabilities in remote support software from BeyondTrust, identified as CVE-2024-12356 and CVE-2024-12686, attackers stole an authentication key, enabling system access. Although the breach was attributed to a Chinese state-sponsored APT actor, no ongoing access was found. The incident prompted collaboration with the FBI, CISA, and intelligence agencies for a comprehensive evaluation.
DECEMBER 2022
734
Cyber Attack
01 Dec 2022 • UDT
U.S. Department of the Treasury
Hacking Attacks Against US Federal Entities
715
CRITICAL-19
USD13361222
Companies suffered as a result of hacking attacks against US federal entities; affected departments included the US Department of Homeland Security, the Department of Commerce, and the Department of the Treasury.
According to the FBI and CISA, Iranian government-sponsored hackers gained access early this year to a network of an unnamed US federal agency, used the Log4Shell vulnerability to install crypto miners, and made use of stolen passwords.
According to the advisory, "Cyber threat actors advanced to the domain controller (DC), compromised credentials, implanted Ngrok reverse proxies on multiple hosts to maintain persistence, and then exploited the Log4Shell vulnerability in an unpatched VMware Horizon server to install XMRig crypto mining software."
JANUARY 2018
784
Breach
01 Jan 2018 • UDT
Booz Allen Hamilton, Internal Revenue Service and U.S. Department of the Treasury: Feds yank contracts with Booz Allen Hamilton after Trump tax leak
Treasury Cancels Booz Allen Hamilton Contracts After Massive Tax Data Leak
639
CRITICAL-145
BOOIRSUS-1769454012
The U.S. Department of the Treasury announced on Monday the termination of all contracts with consulting firm Booz Allen Hamilton following a major breach involving the leak of sensitive tax information. The decision comes after former IRS contractor Charles Edward Littlejohn, who worked for Booz Allen, was sentenced in 2024 to five years in prison for disclosing confidential tax records, including those of former President Donald Trump, to media outlets.
Between 2018 and 2020, Littlejohn provided stolen tax data to The New York Times and ProPublica, an act prosecutors described as "unparalleled in the IRS's history." The breach exposed records belonging to approximately 406,000 individuals, though the Treasury’s statement did not explicitly mention Trump’s leaked returns.
Treasury Secretary Scott Bessent stated that the cancellation was necessary to "increase Americans' trust in government," citing Booz Allen’s failure to implement adequate safeguards for sensitive taxpayer data. The department had 31 active contracts with the firm, totaling $4.8 million in annual spending and $21 million in total obligations.
Court documents revealed that Littlejohn intentionally sought the contractor role to access Trump’s tax returns, using his technical skills to extract data without detection. At his sentencing in January 2024, he acknowledged his actions, stating, "I used my skills to systematically violate the privacy of thousands of people." Booz Allen Hamilton has not yet commented on the termination.