Friday, May 2, 2025
HomeCyber AttackU.S. Marshals Service Hacked - Sensitive Information Leaked

U.S. Marshals Service Hacked – Sensitive Information Leaked

Published on

SIEM as a Service

Follow Us on Google News

The theft of critical law enforcement data is currently under investigation by the U.S. Marshals Service (USMS), triggered by a ransomware attack that targeted a stand-alone USMS system. 

The USMS has confirmed that the compromised information is of a sensitive nature and is working to identify the culprits behind the attack.

The United States Marshals Service (USMS) is a crucial bureau operating under the Department of Justice, catering to every facet of the federal justice system. 

- Advertisement - Google News

Their functions span from executing federal court orders and seizing assets that have been acquired illegally, to safeguarding the well-being of government witnesses and their kin. Additionally, USMS provides a range of other services that are essential to the efficient functioning of the federal justice system.

As per a report by NBC, the federal law enforcement agency has confirmed that the recently stolen data contains personally identifiable information of its employees. The agency is taking immediate measures to contain the damage and has urged its employees to be extra vigilant with their personal information.

Here’s what the USMS spokesperson, Drew Wade stated:-

“On February 17th, a stand-alone USMS system was hit by a ransomware attack that resulted in a data exfiltration event.” 

However, the Marshals Service immediately took notice of the situation and launched an investigation to identify the attackers behind this incident. Even they also disconnected the affected system from the network to stop the further spread.

Sensitive Information Leaked

There is sensitive information contained within the affected system that is relevant to law enforcement, including:-

  • Returns from legal process
  • Administrative information
  • PII related to USMS investigations
  • PII related to third parties
  • PII related to USMS employees

USMS’ Witness Security Files Information System was not accessed by the attackers, as they were unable to establish any access to the system. While this security breach has not led to any danger to anyone in the witness protection program.

The recent incident involving the USMS system is a matter of significant concern, as it involves the theft of sensitive information related to ongoing investigations by the Marshals Service. 

The compromised data is of high importance to law enforcement agencies and could potentially jeopardize the safety and security of the subjects of these investigations. 

The USMS is treating this matter with utmost seriousness and taking all necessary measures to contain the damage caused by the breach.

Despite the recent ransomware attack and data exfiltration event, the USMS has managed to develop a temporary solution to ensure that their operations are not affected. 

The agency is working diligently to track down fugitives and suspects, even as it investigates the extent of the damage caused by the attack. While the situation remains precarious, the USMS is confident that their measures will allow them to continue their efforts until a permanent solution can be found.

Network Security Checklist – Download Free E-Book

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series...

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers...

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical...

NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code

NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists

Multiple Dutch organizations have experienced significant service disruptions this week due to a series...

Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands

A major supply chain security incident has rocked the Python open-source community as researchers...

CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits

The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical...