US Marshals Service Suffers Major Cyberattack
The United States Marshals Service (USMS) has suffered a serious ransomware attack that compromised sensitive data. This included law enforcement documents and personal information belonging to employees and the targets of federal investigations.
On Monday, February 27th, Drew Wade, a spokesperson for the USMS, told NBC News: "The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."
Wade verified that the attackers were able to exfiltrate data and that the USMS is currently investigating the attack as a "major incident." A major incident is a cyberattack that is significant enough to require a federal agency to officially notify Congress.
According to Wade, the attack affected a "stand-alone" system that was not connected to a larger federal network. This means the attackers did not gain access to the systems running the USMS witness protection database. The Marshals Service has disconnected the affected system from its network and alerted the US Department of Justice of the attack, which has already started a forensic investigation.
The USMS has not disclosed details about the attack, including the hacker's identity, how the system was hacked, or whether a ransom was paid. However, the US Marshals service has confirmed that they are working swiftly and effectively to mitigate any potential risks as a result of the incident.
This isn't the first time that USMS has disclosed a data breach. It was revealed in May 2020 that the US Marshals Service exposed the personal details of over 387,000 former and current inmates, including their names, dates of birth, home addresses and social security numbers.
This latest security breach is the most recent in a series of cyberattacks on the US government. Just weeks ago, the FBI was hit by a malicious cyberattack on its own network, while last March, Chinese hackers breached several state government networks.
These incidents continue to raise concerns about the vulnerability of the country's cybersecurity infrastructure.