USPS
Company Details
Linkedin ID:
usps
Website:
Employees number:
142,734
Number of followers:
330,223
NAICS:
92
Industry Type:
Homepage:
usps.com
IP Addresses:
0
Company ID:
UNI_1738079
Scan Status:
In-progress
United States Postal Service Company CyberSecurity Posture
usps.com
As the United States Postal Service continues its evolution as a forward-thinking, fast-acting company capable of providing quality products and services for its customers, it continues to remember and celebrate its roots as the first national network of communications that literally bound a nation together. Ours is a proud heritage built on a simple yet profound mission: Bind the nation together. Connect every American, every door, every business, everywhere through the simple act of delivering mail and packages. This idea of universal service is at the heart of the $1.4 trillion industry that employs more than 7.5 million people and drives commerce, plays an integral part in every American community and remains the greatest value of any post in the world. The Postal Service delivers more mail to more addresses in a larger geographical area than any other post in the world. The Postal Service delivers to more than 157 million addresses in every state, city and town in this country. Everyone living in the United States and its territories has access to postal products and services and pays the same postage regardless of their location. The Postal Service receives no tax dollars for operating expenses and relies on the sale of postage, products and services to fund its operations. Facebook: www.facebook.com/usps Twitter: www.twitter.com/usps Instagram: www.instagram.com/uspostalservice Pinterest: www.pinterest.com/uspsstamps YouTube: www.youtube.com/usps Corporate Blog: www.uspsblog.com This profile, while affiliated with the U.S. Postal Service®, is not an official customer service page. Please use one of the methods described below to receive assistance. Get help on twitter @USPSHelp or call 800-275-8777or go to go.usa.gov/help Thank you
United States Postal Service A.I CyberSecurity Scoring
USPS Risk Score (AI oriented)Between 700 and 749
USPS
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
USPS Global Score (TPRM)XXXX
USPS
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
USPS Company CyberSecurity News & History
Past Incidents
2
Attack Types
1
Post Office
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The Post Office is set to compensate hundreds of former sub-postmasters whose personal information was inadvertently leaked online. The data breach, which occurred last June, exposed the names and addresses of 555 individuals caught up in the Horizon IT scandal. Compensation payouts will be capped at £5,000, with victims receiving either £5,000 or £3,500 depending on whether the leaked address was their current residence. Individuals may still pursue claims for higher compensation. This incident follows the widespread Horizon scandal, where faulty accounting software led to wrongful prosecutions of numerous sub-postmasters.
United States Postal Service
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The United States Postal Service (USPS) faced a massive smishing scam where a Chinese-language group tricked users into entering credit card details. Security researcher Grant Smith uncovered the breach involving 438,669 credit cards and over 1.2 million pieces of information. The victims, including military and government affiliates, were exposed to potential financial fraud. Smith’s investigation revealed server vulnerabilities, leading to a coordinated effort with USPS to mitigate the threat.
USPS Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for USPS
Incidents vs Government Administration Industry Average (This Year)
United States Postal Service has 20.48% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
United States Postal Service has 28.21% more incidents than the average of all companies with at least one recorded incident.
Incident Types USPS vs Government Administration Industry Avg (This Year)
United States Postal Service reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Incident History — USPS (X = Date, Y = Severity)
USPS cyber incidents detection timeline including parent company and subsidiaries
USPS Company Subsidiaries
As the United States Postal Service continues its evolution as a forward-thinking, fast-acting company capable of providing quality products and services for its customers, it continues to remember and celebrate its roots as the first national network of communications that literally bound a nation together. Ours is a proud heritage built on a simple yet profound mission: Bind the nation together. Connect every American, every door, every business, everywhere through the simple act of delivering mail and packages. This idea of universal service is at the heart of the $1.4 trillion industry that employs more than 7.5 million people and drives commerce, plays an integral part in every American community and remains the greatest value of any post in the world. The Postal Service delivers more mail to more addresses in a larger geographical area than any other post in the world. The Postal Service delivers to more than 157 million addresses in every state, city and town in this country. Everyone living in the United States and its territories has access to postal products and services and pays the same postage regardless of their location. The Postal Service receives no tax dollars for operating expenses and relies on the sale of postage, products and services to fund its operations. Facebook: www.facebook.com/usps Twitter: www.twitter.com/usps Instagram: www.instagram.com/uspostalservice Pinterest: www.pinterest.com/uspsstamps YouTube: www.youtube.com/usps Corporate Blog: www.uspsblog.com This profile, while affiliated with the U.S. Postal Service®, is not an official customer service page. Please use one of the methods described below to receive assistance. Get help on twitter @USPSHelp or call 800-275-8777or go to go.usa.gov/help Thank you
Loading...
USPS Similar Companies
Official LinkedIn page for the state of Oregon. Oregon is a state in the Pacific Northwest region of the United States. It is located on the Pacific coast, with Washington to the north, California to the south, Nevada on the southeast and Idaho to the east. The Columbia and Snake rivers delineate mu
Etat de Vaud
Le canton de Vaud, c’est plus de 800 000 personnes vivant dans plus de 300 communes ! Rejoindre l’Administration cantonale vaudoise, c’est s’engager aux côtés de près de 40’000 personnes unies dans un même but : servir la population. Pourquoi nous suivre ? Dédiez votre quart d’heure vaudois aux o
European Commission
The Commission represents and upholds the interests of the EU as a whole, and is independent of national governments. The European Commission prepares legislation for adoption by the Council (representing the member countries) and the Parliament (representing the citizens). It administers the budge
State of Michigan
Every day the contributions and achievements of State of Michigan employees have a direct impact on over 10 million Michiganders across the state. If you're looking for a fulfilling career in state government that can make a real difference in the lives of others, you can find your place working wit
Workingfor.be
Workingfor.be is the job platform of the federal administration. Here, you will find a wide variety of jobs in different fields of profession. Every day thousands of our employees help build tomorrow's society. When you choose the federal administration, you choose an employer who embraces you
Centers for Disease Control and Prevention
CDC works 24/7 keeping America safe from health, safety and security threats, both foreign and domestic. Whether diseases start at home or abroad, are chronic or acute, curable or preventable, human error or deliberate attack, CDC fights it and supports communities and citizens to prevent it. CDC is
Ville de Montréal
Montréal est la plus grande ville francophone d’Amérique et elle se distingue par sa vitalité culturelle exceptionnelle et des forces créatrices reconnues mondialement. Elle se développe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans économique, culturel
US Government Accountability Office
For more information about GAO, please visit www.gao.gov. General Information The U.S. Government Accountability Office (GAO) is an independent, nonpartisan agency that works for Congress. Often called the "congressional watchdog," GAO investigates how the federal government spends taxpayer dolla
GSA
General Services Administration (GSA) is an independent agency of the United States government established in 1949 to help manage and support the basic functioning of federal agencies. Our organization includes the Public Buildings Service (PBS), Federal Acquisition Service (FAS), and a variety of S
.png)
USPS CyberSecurity News
December 05, 2025 03:45 PM
New Bill: Representative Shontel M. Brown introduces H.R. 6429: Expanding Cybersecurity Workforce Act of 2025
We have received text from H.R. 6429: Expanding Cybersecurity Workforce Act of 2025. This bill was received on 2025-12-04, and currently has...
November 04, 2025 08:00 AM
Wi-Fi can pose a cybersecurity threat
The Postal Service is reminding employees and contractors to take steps to ensure their smart devices don't compromise the organization's...
October 10, 2025 07:00 AM
Cybersecurity agency that clashed with Trump one of first hit with firings during gov't shutdown
The Cybersecurity and Infrastructure Security Agency (CISA) is among the offices being permanently downsized as a result of the ongoing...
September 30, 2025 07:00 AM
October is Cybersecurity Awareness Month
The Postal Service is marking its 10th year of observing Cybersecurity Awareness Month. This annual observation, occurring each October,...
September 24, 2025 07:00 AM
Cybersecurity expert discusses telecom threat dismantled by Secret Service
The Secret Service said the threat was large enough to cripple the city's cell service systems.
September 12, 2025 07:00 AM
Proton Mail Suspended Journalist Accounts at Request of Cybersecurity Agency
The company behind the Proton Mail email service, Proton, describes itself as a “neutral and safe haven for your personal data, committed to...
July 16, 2025 07:00 AM
Salt Typhoon hacks into National Guard systems a ‘serious escalation’, experts warn
Going forward, all U.S. forces must now assume their networks are compromised and will be degraded,” a former Air National Guard...
May 12, 2025 07:00 AM
Husband Hacks Scammers Who Targeted His Wife, Gave USPS Investigators Info
Cybersecurity expert Grant Smith wasn't about to let it slide when scammers tried bilking his wife through a phony US Postal Service text.
April 14, 2025 07:00 AM
USPS Warns Public About Rising Mail, Email Scams—How to Spot and Avoid Them
The United States Postal Service (USPS) is warning Americans to be on high alert for a wave of mail-related scams that have picked up steam nationwide.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
USPS CyberSecurity History Information
Official Website of United States Postal Service
The official website of United States Postal Service is http://www.usps.com/.
United States Postal Service’s AI-Generated Cybersecurity Score
According to Rankiteo, United States Postal Service’s AI-generated cybersecurity score is 709, reflecting their Moderate security posture.
How many security badges does United States Postal Service’ have ?
According to Rankiteo, United States Postal Service currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does United States Postal Service have SOC 2 Type 1 certification ?
According to Rankiteo, United States Postal Service is not certified under SOC 2 Type 1.
Does United States Postal Service have SOC 2 Type 2 certification ?
According to Rankiteo, United States Postal Service does not hold a SOC 2 Type 2 certification.
Does United States Postal Service comply with GDPR ?
According to Rankiteo, United States Postal Service is not listed as GDPR compliant.
Does United States Postal Service have PCI DSS certification ?
According to Rankiteo, United States Postal Service does not currently maintain PCI DSS compliance.
Does United States Postal Service comply with HIPAA ?
According to Rankiteo, United States Postal Service is not compliant with HIPAA regulations.
Does United States Postal Service have ISO 27001 certification ?
According to Rankiteo,United States Postal Service is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of United States Postal Service
United States Postal Service operates primarily in the Government Administration industry.
Number of Employees at United States Postal Service
United States Postal Service employs approximately 142,734 people worldwide.
Subsidiaries Owned by United States Postal Service
United States Postal Service presently has no subsidiaries across any sectors.
United States Postal Service’s LinkedIn Followers
United States Postal Service’s official LinkedIn profile has approximately 330,223 followers.
NAICS Classification of United States Postal Service
United States Postal Service is classified under the NAICS code 92, which corresponds to Public Administration.
United States Postal Service’s Presence on Crunchbase
No, United States Postal Service does not have a profile on Crunchbase.
United States Postal Service’s Presence on LinkedIn
Yes, United States Postal Service maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/usps.
Cybersecurity Incidents Involving United States Postal Service
As of December 19, 2025, Rankiteo reports that United States Postal Service has experienced 2 cybersecurity incidents.
Number of Peer and Competitor Companies
United States Postal Service has an estimated 11,744 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at United States Postal Service ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
Title: USPS Smishing Scam
Description: The United States Postal Service (USPS) faced a massive smishing scam where a Chinese-language group tricked users into entering credit card details. Security researcher Grant Smith uncovered the breach involving 438,669 credit cards and over 1.2 million pieces of information. The victims, including military and government affiliates, were exposed to potential financial fraud. Smith’s investigation revealed server vulnerabilities, leading to a coordinated effort with USPS to mitigate the threat.
Type: Smishing Scam
Attack Vector: Social Engineering
Vulnerability Exploited: Server Vulnerabilities
Threat Actor: Chinese-language group
Motivation: Financial Fraud
Title: Post Office Data Breach
Description: The Post Office is set to compensate hundreds of former sub-postmasters whose personal information was inadvertently leaked online. The data breach, which occurred last June, exposed the names and addresses of 555 individuals caught up in the Horizon IT scandal. Compensation payouts will be capped at £5,000, with victims receiving either £5,000 or £3,500 depending on whether the leaked address was their current residence. Individuals may still pursue claims for higher compensation. This incident follows the widespread Horizon scandal, where faulty accounting software led to wrongful prosecutions of numerous sub-postmasters.
Date Detected: June 2022
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Smishing Scam USP001081724
Data Compromised: Credit card details, Personal information
Payment Information Risk: High
Incident : Data Breach USP853052025
Data Compromised: Names, Addresses
Legal Liabilities: Compensation payouts capped at £5,000
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Credit Card Details, Personal Information, , Names, Addresses and .
Which entities were affected by each incident ?
Incident : Smishing Scam USP001081724
Entity Name: United States Postal Service (USPS)
Entity Type: Government
Industry: Postal Services
Location: United States
Customers Affected: Over 1.2 million
Incident : Data Breach USP853052025
Entity Name: Post Office
Entity Type: Organization
Industry: Postal Services
Location: United Kingdom
Customers Affected: 555
Data Breach Information
What type of data was compromised in each breach ?
Incident : Smishing Scam USP001081724
Type of Data Compromised: Credit card details, Personal information
Number of Records Exposed: 1200000
Sensitivity of Data: High
Personally Identifiable Information: Yes
Incident : Data Breach USP853052025
Type of Data Compromised: Names, Addresses
Number of Records Exposed: 555
Sensitivity of Data: Personal Information
Personally Identifiable Information: NamesAddresses
References
Where can I find more information about each incident ?
Incident : Data Breach USP853052025
Source: Post Office Data Breach Report
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Post Office Data Breach Report.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Chinese-language group.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on June 2022.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Credit Card Details, Personal Information, , Names, Addresses and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal Information, Addresses, Names and Credit Card Details.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 675.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Post Office Data Breach Report.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation (CAPEC-130) of memory and a denial of service (DoS) via crafted HTTP request.
Risk Information
cvss3
Base: 4.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Description
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Description
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=usps' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
