Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
USAA

USAA Vendor Cyber Rating & Cyber Score

usaajobs.com

Since the beginning, our mission has been to provide a range of financial services to the military community and their families. Along the way, we’ve also established ourselves as a destination employer for passionate people looking to serve those who are willing to give it their all. Our mission is to stand with our members and be there for them and their families by facilitating their financial security. It starts with offering a range of highly competitive products, exceptional service, and trusted advice. But to be the military community’s provider of choice also takes dedicated team members who share our core values of service, loyalty, honesty, and integrity.


USAA A.I CyberSecurity Scoring

USAA
Company Information
Website:http://www.usaajobs.com
Employees number:40,115
Number of followers:442,529
NAICS:52
Industry Type:Financial Services
Homepage:usaajobs.com
USAA Risk Score (AI oriented)
Between 700 and 749
logo
USAAFinancial Services
Updated:
16/06/2026
706/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
USAA Global Score (TPRM)
xxxx
logo
USAAFinancial Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

USAA
USAAModerate
Current Score
706Ba (MODERATE)
01000
3 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
707Before Incident
JUNE 2026
706Before Incident
MAY 2026
705Before Incident
APRIL 2026
703Before Incident
MARCH 2026
701Before Incident
FEBRUARY 2026
700Before Incident
JANUARY 2026
698Before Incident
DECEMBER 2025
696Before Incident
NOVEMBER 2025
694Before Incident
OCTOBER 2025
692Before Incident
SEPTEMBER 2025
690Before Incident
AUGUST 2025
688Before Incident
APRIL 2024
714Before Incident
Breach
13 Apr 2024USAA
United Services Automobile Association

USAA Data Breach

647After Incident
HIGH-67
USA444072625
The Maine Office of the Attorney General reported a data breach incident involving the United Services Automobile Association (USAA) on August 28, 2024. The breach, which occurred on April 30, 2024, involved an internal system error that potentially exposed personal information for 32,276 individuals, including 156 residents of Maine. Identity theft protection services were offered in the form of a 24-month membership to Experian's IdentityWorks program.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal InformationIdentity Theft Risk: High
DATA BREACH
Type Of Data Compromised: Personal InformationSensitivity Of Data: High
DECEMBER 2022
739Before Incident
Breach
01 Dec 2022USAA
United Services Automobile Association

USAA Data Breach

684After Incident
HIGH-55
USA625072625
The Vermont Office of the Attorney General reported on June 22, 2023, that the United Services Automobile Association (USAA) experienced a data breach due to improperly shared access credentials by call center representatives. The breach incident occurred between December 20, 2022, and May 18, 2023, affecting an unspecified number of members' personal information.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Data Compromised: Personal Information
DATA BREACH
Type Of Data Compromised: Personal Information
MAY 2021
796Before Incident
Breach
01 May 2021USAA
USAA: USAA Data Breach: What Happened and What Members Should Do

USAA Data Breaches Expose Sensitive Military Member Data in Three Separate Incidents (2021–2024)

714After Incident
CRITICAL-82
USA1781641808
USAA Data Breaches Expose Sensitive Military Member Data in Three Separate Incidents (2021–2024) Between 2021 and 2024, USAA one of the largest financial institutions serving active-duty military, veterans, and their families disclosed three major data breaches, each stemming from different vulnerabilities. The incidents compromised the personal and financial information of over 73,000 members, with risks amplified by the high-value nature of military identities in fraud schemes. ### 2021: Exploited Insurance Quote Tool In May 2021, attackers leveraged a flaw in USAA’s online insurance quote tool, which lacked rate limiting and CAPTCHA controls. By cycling through stolen personal data from other breaches, criminals matched records to active USAA accounts, exposing driver’s license numbers and other PII for 22,383 members (12,627 in New York alone). The breach led to a $3.25 million class-action settlement, with affected members eligible for payouts averaging $143 per claim. ### 2022–2023: Third-Party Contractor Credential Abuse From December 20, 2022, to May 18, 2023, call center representatives at a USAA third-party vendor shared login credentials with unauthorized individuals, granting access to member accounts. The breach exposed names, addresses, partial Social Security numbers, bank details, PINs, and debit/credit card numbers for ~19,000 members. A smaller, unrelated incident in August 2023 involved another contractor mishandling data, though the number of affected members was undisclosed. USAA offered two years of free Experian IdentityWorks monitoring to victims, who were not notified until June 26, 2023 over a month after the breach window closed. ### 2024: Internal System Error Leaks Documents On April 13, 2024, a routine system update misconfigured USAA’s document delivery platform, causing 32,276 members’ files including Social Security numbers, medical records, and insurance policy details to be visible to other users. USAA detected the error on April 30 but did not notify affected members until August 27, sparking a lawsuit alleging negligence and delayed disclosure. While no fraud was reported, the exposed data posed significant identity theft risks. ### Legal and Security Fallout - The 2021 breach resulted in the $3.25 million settlement, with claims still open. - The 2024 incident prompted a lawsuit over delayed notifications. - USAA has not attributed any breach to a nation-state actor or organized hacking group; instead, failures ranged from design flaws to third-party insider threats and internal errors. - Affected members received free Experian IdentityWorks monitoring, though experts note this service is not the most robust option for identity protection. ### Impact on Military Members USAA’s breaches are particularly concerning due to its military-affiliated customer base, whose data carries higher trust signals in financial systems. Stolen information such as Social Security numbers, bank details, and medical records enables fraudsters to open fraudulent accounts, file false benefits claims, or conduct targeted phishing attacks. The incidents underscore vulnerabilities in third-party vendor oversight, system design, and change management, none of which required sophisticated cyberattacks to exploit.
INCIDENT DETAILS -
TYPE
Data BreachInsider ThreatSystem Misconfiguration
MOTIVATION
Financial GainFraudIdentity Theft
IMPACT
Financial Loss: $3.25 million (class-action settlement)Data Compromised: Personal and financial information, including driver’s license numbers, Social Security numbers, bank details, PINs, debit/credit card numbers, medical records, and insurance policy detailsOnline insurance quote toolCall center systemsDocument delivery platformOperational Impact: Delayed member notifications, legal actions, and regulatory scrutinyBrand Reputation Impact: Significant, particularly due to the military-affiliated customer baseClass-action lawsuit ($3.25M settlement)Lawsuit over delayed notifications (2024)Identity Theft Risk: High, due to exposure of Social Security numbers, bank details, and medical recordsPayment Information Risk: High, due to exposure of debit/credit card numbers and PINs
DATA BREACH
Personally Identifiable Information (PII)Financial DataMedical RecordsInsurance Policy Details22,383 (2021)~19,000 (2022–2023)32,276 (2024)Sensitivity Of Data: High (Social Security numbers, bank details, medical records)Documents (e.g., insurance policies, medical records)NamesAddressesSocial Security numbersDriver’s license numbers

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for USAA ?
?
What was USAA's A.I Rankiteo Cyber Score in June 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in May 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in April 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in March 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in February 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in January 2026 ?
?
What was USAA's A.I Rankiteo Cyber Score in December 2025 ?
?
What was USAA's A.I Rankiteo Cyber Score in November 2025 ?
?
What was USAA's A.I Rankiteo Cyber Score in October 2025 ?
?
What was USAA's A.I Rankiteo Cyber Score in September 2025 ?
?
What was USAA's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on USAA's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with USAA ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view USAA's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?