Fraud Management & Cybercrime , Government , Industry Specific
Ransomware Hits US Marshals ServiceAgency Confirms Sensitive Law Enforcement Information Compromised
Hackers earlier this month maliciously encrypted a system belonging to the U.S. Marshals Service, compromising and exfiltrating sensitive data law enforcement data.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Department of Justice officials classify the attack as a "major incident," said NBC, which broke news of the attack.
Exposed data include returns from legal process, administrative information and personal identifiable information pertaining to subjects of USMS investigations, third parties and a few USMS employees. NBC reported the breach did not affect data of individuals in the Witness Security Program, which relocates witnesses whose cooperation with prosecutors endangers their life or their families' lives.
Marshals Service spokesman Drew Wade told Information Security Media Group that the incident occurred in a stand-alone system, which was soon disconnected from the network.
"On February 17, 2023, USMS discovered a ransomware and data exfiltration event affecting a stand-alone USMS system. The system was disconnected shortly and the Department of Justice initiated a forensic investigation," Wade said in an email.
The Marshals Service notified departmental officials on Feb. 22, and it is working to mitigate any potential risks as a result of the incident, Wade added.
The Marshals Service is primarily responsible for protecting judicial personnel, administering fugitive operations, managing criminal assets and protecting individuals in witness protection.
No group took credit for the attack at the time of writing. The incident comes just weeks after the FBI, also a part of the Justice Department, acknowledged a hack. The bureau said it also quickly isolated the breach.